13188 matches found
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...
Sql injection
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...
Sql injection
SQL injection vulnerability in the Diocese of Portsmouth Resources Database pdresources extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Document Directorys danpdocumentdirs extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925...
CVE-2009-4394
SQL injection vulnerability in the Random Prayer 2 steprayer2 extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Parish Administration Database steparishadmin extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in hoteltiempolibreext.php in Venalsur Booking Centre Booking System for Hotels Group, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors...
Sql injection
SQL injection vulnerability in the XDS Staff List xdsstaff extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4375
SQL injection vulnerability in repository/repositoryattachment.php in AlienVault Open Source Security Information Management OSSIM 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the iddocument parameter...
Sql injection
SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-4341
SQL injection vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in the Diocese of Portsmouth Calendar pdcalendar extension 0.4.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2008-6691...
CVE-2009-4342
SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the 1 matchingsid or 2 matchingstitle parameters in a Login action to an unspecified program, or 3 the matchingsid parameter in a search action to index.php, a...
CVE-2009-4342
SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-4341
SQL injection vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-4337
CVE-2009-4337 describes a SQL injection in the TYPO3 Diocese of Portsmouth Calendar (pd_calendar) extension version 0.4.1 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via unknown vectors, with impact described as partial confidentiality, integrity, and ...