13188 matches found
CVE-2009-3349
SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component...
CVE-2009-3337
SQL injection vulnerability in the Freetag serendipityeventfreetag plugin before 3.09 for Serendipity S9Y allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry...
CVE-2009-3335
SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field...
CVE-2009-3336
SQL injection vulnerability in auctiondetails.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auctionid parameter...
Sql injection
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System aka HBS or comhbssearch component for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 hid, 2 id, and 3 rid parameters to longDesc.php, and the hid parameter to 4 detail.php, 5 detail1.php, 6...
Sql injection
SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component...
Sql injection
SQL injection vulnerability in details.asp in HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropId parameter...
Sql injection
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
Sql injection
SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints comalphauserpoints component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter...
Sql injection
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincatid parameter...
Sql injection
SQL injection vulnerability in auctiondetails.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auctionid parameter...
Sql injection
SQL injection vulnerability in the Freetag serendipityeventfreetag plugin before 3.09 for Serendipity S9Y allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry...
CVE-2009-3356
The CVE-2009-3356 entry describes a SQL injection in Image voting 1.0, affecting index.php via the show parameter, enabling remote execution of arbitrary SQL commands. The vulnerability details provided are limited to the input parameter and the affected file/module; no remediation guidance or ex...
CVE-2009-3356
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
CVE-2009-3343
CVE-2009-3343 : A SQL injection vulnerability in details.asp of HotWeb Rentals allows remote attackers to inject via the PropId parameter and execute arbitrary SQL commands. This is a remote, unsanitized-input issue; exploitation is mentioned in Exploit-DB (exploit ID 9675), but detailed exploit ...
CVE-2009-3336
SQL injection vulnerability in auctiondetails.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auctionid parameter...
CVE-2009-3326
SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the idmenu parameter...
CVE-2009-3313
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...
CVE-2009-3327
Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the 1 QUERY parameter to search.php and 2 USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information...
CVE-2009-3308
SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...