13188 matches found

Check Point Advisories
added 2009/12/17 12:0 a.m., 3 views

Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (CVE-2008-3979)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects such as procedures, functions, triggers, variables, constants, cursors, and exceptions, are provided in order t...

CVSS: 5.5 | AI score: 8.2 | EPSS: 0.32434
Exploits: 7
Prion
added 2009/12/16 1:30 a.m., 14 views

Sql injection

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file CourseTitle."...

CVSS: 6.5 | AI score: 8 | EPSS: 0.01912
Exploits: 0 | References: 9 | Affected Software: 1
Cvelist
added 2009/12/16 1:0 a.m., 19 views

CVE-2009-4305

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file CourseTitle."...

AI score: 7.6 | EPSS: 0.01912
Exploits: 0 | References: 9
Prion
added 2009/12/11 7:30 p.m., 14 views

Sql injection

SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.01258
Exploits: 0 | References: 6 | Affected Software: 1
NVD
added 2009/12/10 11:30 p.m., 17 views

CVE-2009-4238

Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php...

CVSS: 6.5 | AI score: 8 | EPSS: 0.01082
Exploits: 7 | References: 6
Prion
added 2009/12/10 4:30 p.m., 15 views

Sql injection

SQL injection vulnerability in mainforum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.00907
Exploits: 1 | References: 2 | Affected Software: 1
Prion
added 2009/12/10 1:30 a.m., 11 views

Sql injection

Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) contid and (2) courcid parameters in a pregled action. NOTE: some of these details are obtained from third party information...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.00961
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2009/12/10 1:0 a.m., 16 views

CVE-2009-4256

Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) contid and (2) courcid parameters in a pregled action. NOTE: some of these details are obtained from third party information...

AI score: 8.4 | EPSS: 0.00961
Exploits: 1 | References: 3
Prion
added 2009/12/08 7:30 p.m., 19 views

Sql injection

Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance of...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.00907
Exploits: 2 | References: 2
CVE
added 2009/12/08 7:0 p.m., 45 views

CVE-2009-4229

CVE-2009-4229 involves multiple SQL injection vulnerabilities in ActiveBids (ActiveWebSoftwares). The affected component is the Active Bids web application, with vulnerabilities exploitable through (1) the catid parameter in the PATH_INFO to the default URI and (2) the catid parameter to default....

CVSS: 7.5 | AI score: 8.1 | EPSS: 0.00907
Exploits: 1 | References: 2 | Affected Software: 1
Prion
added 2009/12/07 5:30 p.m., 10 views

Sql injection

SQL injection vulnerability in the Itamar Elharar MusicGallery commusicgallery component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained...

CVSS: 7.5 | AI score: 8.8 | EPSS: 0.00902
Exploits: 1 | References: 1
Prion
added 2009/12/07 5:30 p.m., 17 views

Sql injection

SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.00997
Exploits: 2 | References: 4 | Affected Software: 1
Cvelist
added 2009/12/07 5:0 p.m., 24 views

CVE-2009-4218

Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System eXperience (JBSX) allow remote attackers to execute arbitrary SQL commands via the (1) admin or (2) password field, a related issue to CVE-2007-6091. NOTE: the provenance of this information is unknown; the details are...

AI score: 8.3 | EPSS: 0.00907
Exploits: 1 | References: 2
Cvelist
added 2009/12/07 5:0 p.m., 32 views

CVE-2009-4221

SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767...

AI score: 8.2 | EPSS: 0.00987
Exploits: 1 | References: 4
Prion
added 2009/12/04 7:30 p.m., 10 views

Sql injection

SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.00999
Exploits: 0 | References: 3 | Affected Software: 1
Prion
added 2009/12/04 7:30 p.m., 12 views

Sql injection

SQL injection vulnerability in the osnews module in Open-school OS 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.00928
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2009/12/04 7:30 p.m., 16 views

CVE-2009-4206

SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.00999
Exploits: 0 | References: 3
Cvelist
added 2009/12/04 7:0 p.m., 24 views

CVE-2009-4204

SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter...

AI score: 8.3 | EPSS: 0.00928
Exploits: 0 | References: 2
Cvelist
added 2009/12/04 7:0 p.m., 24 views

CVE-2009-4206

SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

AI score: 8.4 | EPSS: 0.00999
Exploits: 0 | References: 3
Cvelist
added 2009/12/04 7:0 p.m., 16 views

CVE-2009-4198

SQL injection vulnerability in myorders.php in MyMiniBill allows remote authenticated users to execute arbitrary SQL commands via the orderid parameter in a status action...

AI score: 7.9 | EPSS: 0.00886
Exploits: 0 | References: 3