13188 matches found
CVE-2010-4800
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...
CVE-2010-4793
CVE-2010-4793 affects Site2Nite Auto e-Manager (Detail.asp) via the ID parameter. The root cause is an SQL injection vulnerability in the detail.asp page, allowing remote attackers to execute arbitrary SQL commands. Concretely, the vulnerability is triggered through the ID parameter without prope...
CVE-2010-4797
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...
CVE-2011-1686
Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data...
CVE-2011-1686
Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data...
CVE-2011-1686
Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data...
CVE-2011-1722
Multiple SQL injection vulnerabilities in WEC Discussion Forum wecdiscussion extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011...
SQL Injection Vulnerability in Shutter
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Shutter which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in Shutter The vulnerability exists due to input sanitation errors in the "albumID" parameter in index.html. A remote attacker...
CVE-2011-1653
Multiple SQL injection vulnerabilities in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the 1 UnAssignFunctionalRoles, 2 UnassignAdminRoles, 3 DeleteFilter, 4 NonAssignedUserList, 5...
CVE-2011-1653
Multiple SQL injection vulnerabilities in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the 1 UnAssignFunctionalRoles, 2 UnassignAdminRoles, 3 DeleteFilter, 4 NonAssignedUserList, 5...
CVE-2011-1667
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action...
CVE-2011-1663
SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action...
CVE-2011-1663
SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2011-1667
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action...
CVE-2011-1663
SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4784
Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...
Sql injection
Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal aka Ananda Raj Pandey Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 city, 2 state, 3 country, 4 minprice, 5 maxprice, 6 bed, and 7 bath parameters, different vectors than CVE-2006-6807...
Sql injection
SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase Aphpkb 0.95.3 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter, a different vulnerability than CVE-2011-1546. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely...