Lucene search
K

13188 matches found

Exploit DB
Exploit DB
added 2010/01/01 12:0 a.m.58 views

UCStats 1.1 - SQL Injection

UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection vulnerability in stats.php...

7.4AI score
Exploits0
OSV
OSV
added 2009/12/31 6:30 p.m.6 views

CVE-2009-4499

SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...

8.5AI score
Exploits0References4
Cvelist
Cvelist
added 2009/12/31 6:0 p.m.29 views

CVE-2009-4499

SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...

8AI score0.02392EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2009/12/31 6:0 p.m.22 views

CVE-2009-4499

SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...

7.5CVSS7.8AI score0.02392EPSS
Exploits0
Prion
Prion
added 2009/12/30 9:30 p.m.14 views

Sql injection

SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter...

7.5CVSS9.1AI score0.00907EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2009/12/30 9:30 p.m.14 views

CVE-2009-4477

SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...

7.5CVSS8.4AI score0.01011EPSS
Exploits0References4
Prion
Prion
added 2009/12/30 9:30 p.m.12 views

Sql injection

SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...

7.5CVSS9.1AI score0.01011EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/12/30 9:0 p.m.17 views

CVE-2009-4477

SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...

8.4AI score0.01011EPSS
Exploits0References4
CVE
CVE
added 2009/12/30 9:0 p.m.41 views

CVE-2009-4470

CVE-2009-4470 describes an SQL injection in DVBBS 2.0. The affected component is boardrule.php, with the vulnerability occurring via the groupboardid parameter, enabling remote attackers to execute arbitrary SQL commands. The entry is corroborated across multiple sources (NVD, CVE listings). The ...

7.5CVSS8.4AI score0.00907EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2009/12/30 12:30 a.m.15 views

Sql injection

SQL injection vulnerability in newsdetail.php in Green Desktiny 2.3.1, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.2AI score0.00999EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/30 12:30 a.m.16 views

CVE-2009-4456

SQL injection vulnerability in newsdetail.php in Green Desktiny 2.3.1, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.5AI score0.00999EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.61 views

Gentoo Security Advisory GLSA 200912-02 (rails)

The remote host is missing updates announced in advisory GLSA 200912-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.7AI score0.0808EPSS
Exploits5
Prion
Prion
added 2009/12/28 7:0 p.m.16 views

Sql injection

SQL injection vulnerability in the JoomPortfolio comjoomportfolio component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php...

7.5CVSS9.1AI score0.01024EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/12/28 7:0 p.m.12 views

Sql injection

SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action...

7.5CVSS9AI score0.00993EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/12/28 7:0 p.m.15 views

CVE-2009-4424

SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.5AI score0.02797EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/12/28 6:27 p.m.25 views

CVE-2009-4432

SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action...

8.3AI score0.00993EPSS
Exploits1References3
CVE
CVE
added 2009/12/28 6:27 p.m.47 views

CVE-2009-4437

CVE-2009-4437 affects Active Auction House 3.6. It has multiple SQL injection vulnerabilities allowing remote attackers to execute arbitrary SQL via the catid parameter to wishlist.asp and the linkid parameter to links.asp (vector 1 may overlap CVE-2005-1029). The description notes the issue is i...

7.5CVSS8.4AI score0.01024EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/12/24 5:30 p.m.11 views

Sql injection

SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.01024EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/12/24 4:30 p.m.11 views

Sql injection

SQL injection vulnerability in phpgwapi /inc/class.authsql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php...

6.8CVSS8.6AI score0.01277EPSS
Exploits1References8Affected Software1
OpenVAS
OpenVAS
added 2009/12/24 12:0 a.m.15 views

XOOPS Content Module 0.5 SQL Injection Vulnerability

XOOPS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops"; ifdescriptio...

7.5CVSS7.7AI score0.00987EPSS
Exploits1References4
Rows per page
Query Builder