13188 matches found
CVE-2010-3922
CVE-2010-3922 affects Movable Type: SQL injection in Movable Type 4.x before 4.35 and 5.x before 5.04 that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Documented sources confirm vulnerable product versions and impact (remote data view/ modification). Availab...
CVE-2010-3922
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...
Sql injection
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 un and 2 pw parameters...
Sql injection
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...
CVE-2010-4505
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 un and 2 pw parameters...
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
Sql injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
CVE-2010-4257
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
DEBIAN-CVE-2010-4257
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
Sql injection
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4400
SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4400
SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...
ASPSiteWare JobPost 1.0 - SQL Injection
Author: R4dc0re Exploit Title: ASPSiteware JobPost SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:40$ Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com, L0rd CrusAd3r,Sid3^effects and to re...
CVE-2010-4280
Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via 1 the idgroup parameter in an operation/agentes/veragente action to ajax.php or 2 the groupid parameter in an operation/agentes/estadoagente action to index.ph...
CVE-2010-3267
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
Sql injection
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
CVE-2010-3267
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...