148 matches found
CVE-2007-3527
Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...
CVE-2004-1821
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter...
CVE-2004-1821
CVE-2004-1821 describes an SQL injection vulnerability in the PHP-Nuke module 4nalbum 0.92, affecting versions 6.5 through 7.0. The issue arises from the gid parameter, enabling remote attackers to perform unauthorized database operations or gain privileges. Public references in CVE records conso...
TYPO3 Security Bulletin
An issue has been reported where a bug in the "cmwlinklist" extension allows SQL injection attacks. In specific situations, a remote offender can cause malicious database operations. Component Type: Third Party Extension. This extension is third party code that has not been submitted to the TYPO3...
CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magicquotesgpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to accountupdate.php...
CVE-2002-0999
CARE 2002 is affected by multiple SQL injection vulnerabilities in versions before beta 1.0.02, allowing remote attackers to perform unauthorized database operations. The root cause is SQL injection in CARE 2002 prior to 1.0.02. Impact, as described in sources, includes unauthorized database mani...
CVE-2002-0858
catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges...
CVE-2001-1348
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter...