13188 matches found
CVE-2011-1557
CVE-2011-1557 is a SQL injection vulnerability affecting ICloudCenter ICJobSite 1.1, exploitable via the pid parameter to an unspecified component. The initial description notes a separate vulnerability from CVE-2011-1546, and connected records corroborate the same issue across multiple sources (...
CVE-2011-1546
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase Aphpkb before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to 1 aviewusers.php or 2 keysearch.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the 3 id...
CVE-2010-4774
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171...
Sql injection
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171...
Sql injection
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter...
Sql injection
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalog action...
CVE-2010-4770
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalog action...
PYSEC-2011-7
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
Maian Weblog 4.0 Blind SQL Injection
?php / maian weblog = v4.0 Remote Blind SQL Injection Exploit vendor: http://www.maianscriptworld.co.uk/ Thanks to Johannes Dahse: http://bit.ly/dpQXMK Explanation: Lines 335 - 341 of the index.php we see this if statement that concerns our variable $bpost. // Check month and year vars... // If...
CVE-2011-0434
Multiple SQL injection vulnerabilities in Domain Technologie Control DTC before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to 1 admin/bwpermonth.php or 2 client/bwpermonth.php...
Sql injection
Multiple SQL injection vulnerabilities in Domain Technologie Control DTC before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to 1 admin/bwpermonth.php or 2 client/bwpermonth.php...
CVE-2011-0434
Multiple SQL injection vulnerabilities in Domain Technologie Control DTC before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to 1 admin/bwpermonth.php or 2 client/bwpermonth.php...
CVE-2011-1100
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 findfid, 2 id, 3 selectfcat, 4 selectfmon, or 5 selectftag parameter in an images action...
Sql injection
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 findfid, 2 id, 3 selectfcat, 4 selectfmon, or 5 selectftag parameter in an images action...
CVE-2011-1100
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 findfid, 2 id, 3 selectfcat, 4 selectfmon, or 5 selectftag parameter in an images action...
Sql injection
SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB parameter...
Sql injection
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php...
Sql injection
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter...
CVE-2011-1061
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter...