13188 matches found
CVE-2009-3319
SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...
CVE-2009-3316
SQL injection vulnerability in the JReservation comjreservation component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php...
Sql injection
SQL injection vulnerability in the JReservation comjreservation component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php...
Sql injection
SQL injection vulnerability in index.php in cP Creator 2.7.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action...
Sql injection
SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter in an AlbumSongs action...
Sql injection
SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...
Sql injection
SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field...
Sql injection
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...
Sql injection
SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter...
Sql injection
SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the idmenu parameter...
Sql injection
SQL injection vulnerability in the JBudgetsMagic comjbudgetsmagic component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php...
Sql injection
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320...
Sql injection
SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...
Sql injection
SQL injection vulnerability in the Focusplus Developments Survey Manager comsurveymanager component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php...
CVE-2009-3310
SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter in an AlbumSongs action...
CVE-2009-3308
SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...
CVE-2009-3309
CVE-2009-3309 describes an SQL injection in CF ShopKart 5.4 beta. The vulnerability is in index.cfm (CF ShopKart) and is exploitable via the itemid parameter in the ViewDetails action, enabling remote attackers to execute arbitrary SQL commands. This is a different vector than CVE-2008-6320. No r...
CVE-2009-3314
SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter...
CVE-2009-3330
SQL injection vulnerability in index.php in cP Creator 2.7.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action...
CVE-2009-3321
SQL injection vulnerability in SaphpLesson 4.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENTIP HTTP header...