13188 matches found
UCStats 1.1 - SQL Injection
UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection vulnerability in stats.php...
CVE-2009-4499
SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...
CVE-2009-4499
SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...
CVE-2009-4499
SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...
Sql injection
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter...
CVE-2009-4477
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
Sql injection
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2009-4477
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2009-4470
CVE-2009-4470 describes an SQL injection in DVBBS 2.0. The affected component is boardrule.php, with the vulnerability occurring via the groupboardid parameter, enabling remote attackers to execute arbitrary SQL commands. The entry is corroborated across multiple sources (NVD, CVE listings). The ...
Sql injection
SQL injection vulnerability in newsdetail.php in Green Desktiny 2.3.1, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-4456
SQL injection vulnerability in newsdetail.php in Green Desktiny 2.3.1, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the id parameter...
Gentoo Security Advisory GLSA 200912-02 (rails)
The remote host is missing updates announced in advisory GLSA 200912-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Sql injection
SQL injection vulnerability in the JoomPortfolio comjoomportfolio component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php...
Sql injection
SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action...
CVE-2009-4424
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-4432
SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action...
CVE-2009-4437
CVE-2009-4437 affects Active Auction House 3.6. It has multiple SQL injection vulnerabilities allowing remote attackers to execute arbitrary SQL via the catid parameter to wishlist.asp and the linkid parameter to links.asp (vector 1 may overlap CVE-2005-1029). The description notes the issue is i...
Sql injection
SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in phpgwapi /inc/class.authsql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php...
XOOPS Content Module 0.5 SQL Injection Vulnerability
XOOPS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops"; ifdescriptio...