Lucene search
K

13188 matches found

NVD
NVD
added 2009/12/23 6:30 p.m.24 views

CVE-2009-3582

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...

6.5CVSS8AI score0.00925EPSS
Exploits2References4
Prion
Prion
added 2009/12/23 6:30 p.m.19 views

Sql injection

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...

6.5CVSS8.7AI score0.00925EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2009/12/23 6:30 p.m.5 views

CVE-2009-3582

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...

8.3AI score
Exploits0References4
Cvelist
Cvelist
added 2009/12/23 6:0 p.m.34 views

CVE-2009-3582

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the 1 id and possibly 2 db parameters in a Delete action to the output of a VendorsReportsSearch search operation...

8AI score0.00925EPSS
Exploits2References4
Prion
Prion
added 2009/12/22 11:30 p.m.11 views

Sql injection

SQL injection vulnerability in the Diocese of Portsmouth Resources Database pdresources extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01013EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/12/22 11:30 p.m.12 views

Sql injection

SQL injection vulnerability in the Document Directorys danpdocumentdirs extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01013EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/12/22 11:30 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925...

7.5CVSS8.9AI score0.01063EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/22 11:30 p.m.10 views

CVE-2009-4394

SQL injection vulnerability in the Random Prayer 2 steprayer2 extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01511EPSS
Exploits0References1
Prion
Prion
added 2009/12/22 11:30 p.m.15 views

Sql injection

SQL injection vulnerability in the Parish Administration Database steparishadmin extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01013EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/12/22 11:30 p.m.13 views

Sql injection

SQL injection vulnerability in hoteltiempolibreext.php in Venalsur Booking Centre Booking System for Hotels Group, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors...

7.5CVSS9.1AI score0.01024EPSS
Exploits1References5
Prion
Prion
added 2009/12/22 11:30 p.m.15 views

Sql injection

SQL injection vulnerability in the XDS Staff List xdsstaff extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01013EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2009/12/21 4:30 p.m.15 views

CVE-2009-4375

SQL injection vulnerability in repository/repositoryattachment.php in AlienVault Open Source Security Information Management OSSIM 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the iddocument parameter...

7.5CVSS8.4AI score0.00971EPSS
Exploits1References4
Prion
Prion
added 2009/12/17 5:30 p.m.12 views

Sql injection

SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS9.1AI score0.01051EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/17 5:30 p.m.10 views

CVE-2009-4341

SQL injection vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS8.4AI score0.01051EPSS
Exploits0References3
Prion
Prion
added 2009/12/17 5:30 p.m.18 views

Sql injection

SQL injection vulnerability in the Diocese of Portsmouth Calendar pdcalendar extension 0.4.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2008-6691...

7.5CVSS8.7AI score0.01671EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/17 5:30 p.m.12 views

CVE-2009-4342

SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS8.4AI score0.01051EPSS
Exploits0References3
Prion
Prion
added 2009/12/17 5:30 p.m.16 views

Sql injection

SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the 1 matchingsid or 2 matchingstitle parameters in a Login action to an unspecified program, or 3 the matchingsid parameter in a search action to index.php, a...

7.5CVSS8.7AI score0.02285EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2009/12/17 5:0 p.m.18 views

CVE-2009-4342

SQL injection vulnerability in the Job Exchange jobexchange extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

8.4AI score0.01051EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/12/17 5:0 p.m.13 views

CVE-2009-4341

SQL injection vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

8.4AI score0.01051EPSS
Exploits0References3
CVE
CVE
added 2009/12/17 5:0 p.m.50 views

CVE-2009-4337

CVE-2009-4337 describes a SQL injection in the TYPO3 Diocese of Portsmouth Calendar (pd_calendar) extension version 0.4.1 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via unknown vectors, with impact described as partial confidentiality, integrity, and ...

7.5CVSS8.4AI score0.01671EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder