13188 matches found
Sql injection
SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information...
Sql injection
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 id parameters...
Sql injection
SQL injection vulnerability in RASH Quote Management System RQMS 1.2.2 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI...
CVE-2009-3255
SQL injection vulnerability in RASH Quote Management System RQMS 1.2.2 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI...
CVE-2009-3252
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 id parameters...
CVE-2009-3246
SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter...
Sql injection
SQL injection vulnerability in control/login.php in AR Web Content Manager AWCM 2.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
Sql injection
SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the memberid parameter in an edituser action to index.php...
CVE-2009-3205
SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewproduct action...
Sql injection
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to permalink.php and 2 year parameter to index.php...
CVE-2009-3208
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to permalink.php and 2 year parameter to index.php...
CVE-2009-3212
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field...
Sql injection
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field...
CVE-2009-3203
SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-3209
SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2009-3212
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field...
Sql injection
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters...