Lucene search
K

13187 matches found

CVE
CVE
added 2010/01/06 9:33 p.m.50 views

CVE-2009-4583

The CVE-2009-4583 issue affects Joomla! via the DhForum (com_dhforum) component. The vulnerability is an SQL injection in the grouplist action of index.php, exploitable through the id parameter, enabling remote attackers to execute arbitrary SQL commands. The published CVSS2 base score is 7.5 (HI...

7.5CVSS8.7AI score0.00987EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2010/01/06 9:33 p.m.20 views

CVE-2009-4576

SQL injection vulnerability in the BeeHeard combeeheard component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a suggestions action to index.php...

8.3AI score0.01175EPSS
Exploits1References6
Prion
Prion
added 2010/01/05 7:0 p.m.18 views

Sql injection

SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/...

7.5CVSS9.1AI score0.00987EPSS
Exploits1References4
Prion
Prion
added 2010/01/05 7:0 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the 1 moduleid parameter in an admin/functionlist action, the 2 vendorid parameter in a vendor/vendorform action, the 3 moduleid parameter in an admin/moduleform actio...

7.5CVSS8.8AI score0.0202EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2010/01/05 7:0 p.m.13 views

CVE-2009-4569

SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/...

7.5CVSS8.4AI score0.00987EPSS
Exploits1References4
NVD
NVD
added 2010/01/05 7:0 p.m.21 views

CVE-2009-4571

Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the 1 moduleid parameter in an admin/functionlist action, the 2 vendorid parameter in a vendor/vendorform action, the 3 moduleid parameter in an admin/moduleform actio...

7.5CVSS8.3AI score0.0202EPSS
Exploits1References5
NVD
NVD
added 2010/01/04 9:30 p.m.9 views

CVE-2009-4561

Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

6.8CVSS8.7AI score0.0085EPSS
Exploits0References2
Prion
Prion
added 2010/01/04 9:30 p.m.18 views

Sql injection

SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/...

6.8CVSS9.1AI score0.00845EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2010/01/04 9:30 p.m.13 views

CVE-2009-4560

SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter...

7.5CVSS8.3AI score0.00928EPSS
Exploits0References2
NVD
NVD
added 2010/01/04 9:30 p.m.15 views

CVE-2009-4564

SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/...

6.8CVSS8.3AI score0.00845EPSS
Exploits0References1
Prion
Prion
added 2010/01/04 9:30 p.m.13 views

Sql injection

SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.7AI score0.00951EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2010/01/04 9:30 p.m.9 views

Sql injection

SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter...

7.5CVSS9.1AI score0.00928EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2010/01/04 9:30 p.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

6.8CVSS9.4AI score0.0085EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2010/01/04 9:0 p.m.18 views

CVE-2009-4560

SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter...

8.3AI score0.00928EPSS
Exploits0References2
Cvelist
Cvelist
added 2010/01/04 9:0 p.m.21 views

CVE-2009-4564

SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/...

8.3AI score0.00845EPSS
Exploits0References1
NVD
NVD
added 2010/01/04 5:30 p.m.15 views

CVE-2009-4551

SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaignid parameter in a results action to index.php...

7.5CVSS8.3AI score0.00907EPSS
Exploits1References2
Prion
Prion
added 2010/01/04 5:30 p.m.11 views

Sql injection

SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...

6.8CVSS9.1AI score0.00903EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2010/01/04 5:30 p.m.12 views

Sql injection

SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaignid parameter in a results action to index.php...

7.5CVSS9.1AI score0.00907EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2010/01/04 5:0 p.m.22 views

CVE-2009-4551

SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaignid parameter in a results action to index.php...

8.3AI score0.00907EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2010/01/01 12:0 a.m.58 views

UCStats 1.1 - SQL Injection

UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection vulnerability in stats.php...

7.4AI score
Exploits0
Rows per page
Query Builder