Lucene search
K

13188 matches found

NVD
NVD
added 2009/09/23 12:8 p.m.15 views

CVE-2009-3319

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...

7.5CVSS8.2AI score0.01063EPSS
Exploits1References2
NVD
NVD
added 2009/09/23 12:8 p.m.15 views

CVE-2009-3316

SQL injection vulnerability in the JReservation comjreservation component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php...

7.5CVSS8.4AI score0.01024EPSS
Exploits1References5
Prion
Prion
added 2009/09/23 12:8 p.m.10 views

Sql injection

SQL injection vulnerability in the JReservation comjreservation component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php...

7.5CVSS9.1AI score0.01024EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.15 views

Sql injection

SQL injection vulnerability in index.php in cP Creator 2.7.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action...

6.8CVSS9AI score0.0085EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.10 views

Sql injection

SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter in an AlbumSongs action...

7.5CVSS9.1AI score0.01002EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.18 views

Sql injection

SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018...

7.5CVSS8.7AI score0.0111EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.9 views

Sql injection

SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field...

7.5CVSS9.1AI score0.00961EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...

6.5CVSS8.9AI score0.01084EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.14 views

Sql injection

SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter...

7.5CVSS9.1AI score0.01042EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.24 views

Sql injection

SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the idmenu parameter...

7.5CVSS9.1AI score0.00923EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.12 views

Sql injection

SQL injection vulnerability in the JBudgetsMagic comjbudgetsmagic component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php...

7.5CVSS9AI score0.00907EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.16 views

Sql injection

SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320...

7.5CVSS8.7AI score0.00973EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.12 views

Sql injection

SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...

7.5CVSS9.1AI score0.01011EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/09/23 12:8 p.m.7 views

Sql injection

SQL injection vulnerability in the Focusplus Developments Survey Manager comsurveymanager component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php...

7.5CVSS9.1AI score0.00961EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/09/23 10:0 a.m.14 views

CVE-2009-3310

SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter in an AlbumSongs action...

8.4AI score0.01002EPSS
Exploits1References5
Cvelist
Cvelist
added 2009/09/23 10:0 a.m.22 views

CVE-2009-3308

SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter...

8.4AI score0.01011EPSS
Exploits0References3
CVE
CVE
added 2009/09/23 10:0 a.m.39 views

CVE-2009-3309

CVE-2009-3309 describes an SQL injection in CF ShopKart 5.4 beta. The vulnerability is in index.cfm (CF ShopKart) and is exploitable via the itemid parameter in the ViewDetails action, enabling remote attackers to execute arbitrary SQL commands. This is a different vector than CVE-2008-6320. No r...

7.5CVSS8.3AI score0.00961EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/09/23 10:0 a.m.19 views

CVE-2009-3314

SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter...

8.4AI score0.01042EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/09/23 10:0 a.m.20 views

CVE-2009-3330

SQL injection vulnerability in index.php in cP Creator 2.7.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action...

8.3AI score0.0085EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/09/23 10:0 a.m.23 views

CVE-2009-3321

SQL injection vulnerability in SaphpLesson 4.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENTIP HTTP header...

8.3AI score0.00941EPSS
Exploits1References5
Rows per page
Query Builder