13188 matches found
Sql injection
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 admin/db/usersdb.inc, and various other .inc and .php files under 2 admin/, 3 dimensions/, 4 gl/, 5...
Sql injection
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to various .inc and .php files in 1 reporting/, 2 sales/, 3 sales/includes/, 4 sales/includes/db/, 5 sales/inquiry/, 6 sales/manage/, 7...
CVE-2009-4046
Multiple SQL injection vulnerabilities in FrontAccounting FA 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 bankaccounts.php, 2 currencies.php, 3 exchangerates.php, 4 glaccounttypes.php, and 5 glaccounts.php in gl/manage/; and 6...
CVE-2009-4037
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 admin/db/usersdb.inc, and various other .inc and .php files under 2 admin/, 3 dimensions/, 4 gl/, 5...
CVE-2009-4045
CVE-2009-4045 affects FrontAccounting (FA) up to version 2.1.7, with multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via unspecified parameters to various .inc and .php files (reporting/, sales/, sales/includes/, sales/includes/db/, sales/inqui...
CVE-2009-3975
SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and 1.2.0 allows remote attackers to execute arbitrary SQL commands via the galleryid parameter in a galleryview action...
Sql injection
SQL injection vulnerability in index.php in PHP Dir Submit aka WebsiteSubmitter or Submitter Script allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action...
CVE-2009-3970
SQL injection vulnerability in index.php in PHP Dir Submit aka WebsiteSubmitter or Submitter Script allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action...
CVE-2009-3965
SQL injection vulnerability in rating.php in New 5 star Rating 1.0 allows remote attackers to execute arbitrary SQL commands via the det parameter...
Sql injection
SQL injection vulnerability in rating.php in New 5 star Rating 1.0 allows remote attackers to execute arbitrary SQL commands via the det parameter...
Sql injection
Multiple SQL injection vulnerabilities in Invision Power Board IPB or IP.Board 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 searchterm parameter to admin/applications/core/modulespublic/search/search.php and 2 aid parameter to...
Sql injection
SQL injection vulnerability in browse.php in Ed Charkow SuperCharged Linking allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and 1.2.0 allows remote attackers to execute arbitrary SQL commands via the galleryid parameter in a galleryview action...
CVE-2009-3964
SQL injection vulnerability in the NinjaMonials comninjacentral component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php...
CVE-2009-3967
SQL injection vulnerability in browse.php in Ed Charkow SuperCharged Linking allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...
CVE-2009-3970
SQL injection vulnerability in index.php in PHP Dir Submit aka WebsiteSubmitter or Submitter Script allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action...
CVE-2009-3973
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...
CVE-2009-3967
SQL injection vulnerability in browse.php in Ed Charkow SuperCharged Linking allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-3974
Multiple SQL injection vulnerabilities in Invision Power Board IPB or IP.Board 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 searchterm parameter to admin/applications/core/modulespublic/search/search.php and 2 aid parameter to...