13188 matches found
CVE-2009-3165
CVE-2009-3165 is a SQL injection vulnerability affecting Bugzilla 2.23.4–3.0.8, 3.1.1–3.2.4, and 3.3.1–3.4.1 via Bug.create WebService parameters, enabling remote arbitrary SQL execution. Connected advisories confirm impact and remediation guidance, notably Gentoo GLSA 2010-06-19 recommending upg...
CVE-2009-3184
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the 1 x and 2 y parameters...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
Sql injection
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the 1 x and 2 y parameters...
Sql injection
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
Sql injection
SQL injection vulnerability in the DigiFolio comdigifolio component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the 1 search parameter to list.php and 2 cat parameter to rss.php...
CVE-2009-3184
CVE-2009-3184 describes multiple SQL injection vulnerabilities in the Pirates of The Caribbean component of the E-Gold Game Series, exploitable via the (1) x and (2) y parameters in index.php. The Red Hat and NVD/NVD-derived records confirm remote SQL command execution possibilities, with no publ...
CVE-2009-3184
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the 1 x and 2 y parameters...
Sql injection
Multiple SQL injection vulnerabilities in Model Agency Manager PRO formerly Modeling Agency Content Management Script allow remote attackers to execute arbitrary SQL commands via the userid parameter to 1 view.php, 2 photos.php, and 3 motm.php; and the 4 id parameter to forummessage.php...
CVE-2009-3175
Model Agency Manager PRO (formerly Modeling Agency Content Management Script) has multiple SQL injection vulnerabilities. The flaws allow remote attackers to execute arbitrary SQL via the user_id parameter to view.php, photos.php, and motm.php, and via the id parameter to forum_message.php. Root ...
Sql injection
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 username parameter $usernameb variable to alogin.php or 2 user parameter to staff.php...
Sql injection
SQL injection vulnerability in index.php in Multi Website 1.5 allows remote attackers to execute arbitrary SQL commands via the Browse parameter in a vote action...
CVE-2009-3150
SQL injection vulnerability in index.php in Multi Website 1.5 allows remote attackers to execute arbitrary SQL commands via the Browse parameter in a vote action...
CVE-2009-3148
Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 calendar.php, 2 news.php, and 3 links.php; and the 4 assignmentid parameter to assignments.php...
Sql injection
SQL injection vulnerability in screen.php in the Download System mSF dsmsf module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the viewid parameter...
Sql injection
SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to...
CVE-2009-3116
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action...
CVE-2009-3118
SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to...
Sql injection
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action...