Lucene search

13188 matches found

CVE
added 2009/11/18 11:0 p.m., 44 views

CVE-2009-3970

The CVE-2009-3970 entry describes a SQL injection in index.php of PHP Dir Submit (also WebsiteSubmitter/Submitter Script). The vulnerability is triggered by the aid parameter in a showarticle action, allowing remote authenticated users to execute arbitrary SQL commands. Affected software is PHP D...

CVSS 6.5, AI score 8, EPSS 0.00886
Exploits 0, References 3, Affected Software 1
CVE
added 2009/11/18 11:0 p.m., 51 views

CVE-2009-3974

Invision Power Board (IPB/IP.Board) 3.0.0–3.0.2 is vulnerable to multiple SQL injection flaws. The issues affect input handling for two parameters: (1) search_term in admin/applications/core/modules_public/search/search.php and (2) aid in admin/applications/core/modules_public/global/lostpass.php...

CVSS 7.5, AI score 8.5, EPSS 0.01001
Exploits 1, References 2, Affected Software 1
CVE
added 2009/11/18 11:0 p.m., 43 views

CVE-2009-3973

The CVE relates to a SQL injection in index.php of Turnkey Arcade Script. The vulnerability is triggered via the id parameter in actions (play or browse) and allows remote attackers to execute arbitrary SQL commands, reflecting a classic server-side injectable vector. The connected data confirms ...

CVSS 7.5, AI score 8.4, EPSS 0.00969
Exploits 1, References 3, Affected Software 1
Cvelist
added 2009/11/18 11:0 p.m., 19 views

CVE-2009-3965

SQL injection vulnerability in rating.php in New 5 star Rating 1.0 allows remote attackers to execute arbitrary SQL commands via the det parameter...

AI score 8.4, EPSS 0.01052
Exploits 0, References 1
Check Point Advisories
added 2009/11/16 12:0 a.m., 13 views

Oracle Database Server ctxsys.driload Access Validation (CVE-2004-0637)

Stored procedures are a powerful feature of an Oracle database server. They are essentially a set of SQL statements that are stored server-side, which are called by name and optionally passed a set of parameters. Stored procedures provide improved performance, because only data specific to the...

CVSS 6.5, AI score 7.1, EPSS 0.17824
Exploits 0
Prion
added 2009/11/09 5:30 p.m., 13 views

SQL injection

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

CVSS 7.5, AI score 9.1, EPSS 0.02737
Exploits 0, References 3
NVD
added 2009/11/09 5:30 p.m., 17 views

CVE-2009-3913

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

CVSS 7.5, AI score 8.4, EPSS 0.02737
Exploits 0, References 3
Cvelist
added 2009/11/09 5:0 p.m., 26 views

CVE-2009-3913

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

AI score 8.4, EPSS 0.02737
Exploits 0, References 3
Prion
added 2009/11/02 3:30 p.m., 11 views

SQL injection

SQL injection vulnerability in the JShop comjshop component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php...

CVSS 7.5, AI score 9.1, EPSS 0.00967
Exploits 1, References 3
Prion
added 2009/11/02 3:30 p.m., 20 views

SQL injection

SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified...

CVSS 6.5, AI score 8.1, EPSS 0.01613
Exploits 0, References 6, Affected Software 1
UbuntuCve
added 2009/11/02 3:30 p.m., 30 views

CVE-2009-3632

SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified...

CVSS 6.5, AI score 6.2, EPSS 0.01613
Exploits 0, References 2
Cvelist
added 2009/11/02 3:0 p.m., 27 views

CVE-2009-3632

SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified...

AI score 7.7, EPSS 0.01613
Exploits 0, References 6
Prion
added 2009/10/28 10:30 a.m., 16 views

SQL injection

SQL injection vulnerability in the Flagbit Filebase fbfilebase extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5, AI score 9.1, EPSS 0.01013
Exploits 0, References 1, Affected Software 1
Cvelist
added 2009/10/28 10:0 a.m., 17 views

CVE-2009-3820

SQL injection vulnerability in the Flagbit Filebase fbfilebase extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

AI score 8.4, EPSS 0.01013
Exploits 0, References 1
Prion
added 2009/10/27 4:30 p.m., 18 views

SQL injection

Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topicid parameter...

CVSS 6.5, AI score 8.8, EPSS 0.00806
Exploits 1, References 2, Affected Software 1
Prion
added 2009/10/27 4:30 p.m., 15 views

SQL injection

SQL injection vulnerability in feedbackjs.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter...

CVSS 7.5, AI score 9.1, EPSS 0.02638
Exploits 0, References 1, Affected Software 1
Prion
added 2009/10/27 4:30 p.m., 12 views

SQL injection

SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass (aka Password) parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVSS 7.5, AI score 8.7, EPSS 0.01013
Exploits 0, References 1, Affected Software 1
Prion
added 2009/10/27 4:30 p.m., 28 views

SQL injection

Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forumid variable to modules/forum/class/class.permissions.php...

CVSS 6.5, AI score 8.9, EPSS 0.00898
Exploits 1, References 2, Affected Software 1
Cvelist
added 2009/10/27 4:0 p.m., 29 views

CVE-2009-3806

SQL injection vulnerability in feedbackjs.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter...

AI score 8.4, EPSS 0.02638
Exploits 0, References 1
Prion
added 2009/10/26 5:30 p.m., 11 views

SQL injection

SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser (aka Username) parameter...

CVSS 7.5, AI score 9, EPSS 0.01213
Exploits 1, References 5, Affected Software 1