13188 matches found
CVE-2009-3505
SQL injection vulnerability in viewnews.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the newsid parameter. NOTE: the gameid vector is already covered by CVE-2008-4460...
CVE-2009-3503
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 rid and 2 tid parameters...
CVE-2009-3497
SQL injection vulnerability in viewlisting.php in Vastal I-Tech Agent Zone aka The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
Novell ZENworks Patch Management Multiple SQL Injection Vulnerabilities (CVE-2005-3315)
ZENworks is a resource management solution developed by Novell. The product provides system administrators with management capabilities of remote networked computers. The software suite is composed of several product components. Some of the available ZENworks product components are ZENworks Deskt...
Ipswitch WhatsUp Web Interface SQL Injection (CVE-2005-1250)
WhatsUp Professional 2005 is a network monitoring and resource management solution. WhatsUp Professional uses a relational database to store the information about user accounts and network devices that are monitored by the application. The relational databases supported by WhatsUp Professional ar...
CVE-2009-3446
SQL injection vulnerability in the MyRemote Video Gallery commytube component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a videos action to index.php...
Sql injection
SQL injection vulnerability in the MyRemote Video Gallery commytube component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a videos action to index.php...
Sql injection
SQL injection vulnerability in the JoomlaFacebook comfacebook component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php...
Sql injection
Multiple SQL injection vulnerabilities in Open Source Security Information Management OSSIM before 2.1.2 allow remote authenticated users to execute arbitrary SQL commands via the iddocument parameter to 1 repositorydocument.php, 2 repositorylinks.php, and 3 repositoryeditdocument.php in...
CVE-2009-3438
SQL injection vulnerability in the JoomlaFacebook comfacebook component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php...
CVE-2009-3419
SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...
CVE-2009-3418
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...
Sql injection
SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...
Sql injection
SQL injection vulnerability in the IDoBlog comidoblog component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than CVE-2008-2627...
Sql injection
SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action...
Sql injection
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...
CVE-2009-3419
SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter...
CVE-2009-3418
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...
CVE-2009-3356
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
CVE-2009-3358
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the userid parameter...