13188 matches found
Sql injection
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter...
Sql injection
SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blogid parameter in a news action...
Sql injection
SQL injection vulnerability in the ccInvoices comccinvoices component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php...
Sql injection
SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter...
Sql injection
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action...
CVE-2010-4855
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makaleid parameter...
CVE-2010-4869
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter...
CVE-2010-4862
SQL injection vulnerability in the JExtensions JE Directory comjedirectory component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php...
CVE-2010-4859
SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blogid parameter in a news action...
CVE-2010-4854
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action...
CVE-2010-4860
SQL injection vulnerability in productdesc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-4861
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter...
CVE-2010-4857
CVE-2010-4857 affects CAG CMS 0.2 Beta; the weakness is a SQL injection in click.php triggered via the itemid parameter. The vulnerability allows remote attackers to send crafted input to execute arbitrary SQL commands against the underlying database. The issue is documented across multiple sourc...
CVE-2010-4857
SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter...
CVE-2010-4856
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter...
CVE-2008-7302
SQL injection vulnerability in netinvoice.php in the nBill comnetinvoice component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."...
Sql injection
SQL injection vulnerability in netinvoice.php in the nBill comnetinvoice component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."...
CA Total Defense Suite - reGenerateReports Stored procedure SQL Injection (Metasploit)
$Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2011-3688
Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via 1 the g parameter to Conference/Audio/AudioResourceContainer.asp or 2 the txtConferenceID parameter to Login/HostLogin.asp...
CVE-2011-3688
Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via 1 the g parameter to Conference/Audio/AudioResourceContainer.asp or 2 the txtConferenceID parameter to Login/HostLogin.asp...