13187 matches found
Sql injection
SQL injection vulnerability in the comlisting component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the categoryid parameter to index.php...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
CVE-2011-4811
SQL injection vulnerability in pokazpodkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter...
Sql injection
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...
Sql injection
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System ASAS Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Sql injection
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2011-4801
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System ASAS Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2011-4802
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...
DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection
Title ----- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection Severity -------- High Date Discovered --------------- November 18, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description...
DEBIAN-CVE-2011-4349
Multiple SQL injection vulnerabilities in 1 cd-mapping-db.c and 2 cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and a device id, b property, or c profile id...
CVE-2011-2917
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter...
CVE-2011-2917
CVE-2011-2917 describes a SQL injection vulnerability in Mambo CMS
AlstraSoft EPay Enterprise 4.0 SQL Injection
Exploit Title: AlstraSoft EPay Enterprise v4.0 Blind SQL Injection Google Dork: Copyright @ 2010 iPayGold.com Date: Decembar/6/2011 Author: Don BalcanCrew & BalcanHack Software Link: http://www.alstrasoft.com/epayenterprise.htm Version: 4.0 Tested on: Apache/1.3.37 An attacker may execute arbitra...
CVE-2011-4674
SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...
Sql injection
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...
CVE-2011-4674
SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...
Sql injection
SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...
CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter aka redirect URL...
CVE-2011-4673
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...