13188 matches found
Sql injection
SQL injection vulnerability in asarchives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the resultsperpage parameter to index.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in gallery.php in Easy Photo Gallery aka Ezphotogallery 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the idrubpage parameter...
CVE-2008-7003
Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the 1 userid and 2 password parameter...
CVE-2008-6985
Multiple SQL injection vulnerabilities in includes/classes/shoppingcart.php in Zen Cart 1.2.0 through 1.3.8a, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when 1 adding or 2 updating the shopping cart...
CVE-2009-2779
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action...
CVE-2009-2790
SQL injection vulnerability in catproducts.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4...
CVE-2009-2789
SQL injection vulnerability in the Permis comgroups component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Sql injection
Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the 1 adminName parameter to cp/auth.php, 2 cid parameter to artcat.php, and 3 catid parameter to show.php...
Sql injection
SQL injection vulnerability in forum.php in Arab Portal 2.x, when magicquotesgpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action, a different vector than CVE-2006-1666...
Sql injection
SQL injection vulnerability in catproducts.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4...
Sql injection
SQL injection vulnerability in the JFusion comjfusion component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php...
Sql injection
SQL injection vulnerability in the Permis comgroups component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-2782
CVE-2009-2782 is a SQL injection vulnerability affecting the Joomla! JFusion (com_jfusion) component. The issue allows remote attackers to manipulate the database by injecting arbitrary SQL through the Itemid parameter sent to index.php. Public references note exploitation activity (e.g., exploit...
Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
The remote host is missing an update to apache-modauthmysql announced via advisory MDVSA-2009:189. OpenVAS Vulnerability Test $Id: mdksa2009189.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:189 apache-modauthmysql Authors: Thomas Reinke Copyright:...
CVE-2009-2777
SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter...
Sql injection
SQL injection vulnerability in linkout.php in PHPArcadeScript PHP Arcade Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2775
SQL injection vulnerability in linkout.php in PHPArcadeScript PHP Arcade Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2776
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2009-2774
SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary SQL commands via the ID parameter...