CVE-2011-4638

Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via 1 the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the 2 bldomain, 3 wldomain, or 4 temid paramete...

CVE-2012-6588

SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter...

CVE-2019-13191

A SQL injection vulnerability in IntraMaps MapControl 8 allows attackers to execute arbitrary SQL commands via the /ApplicationEngine/Search/Refine/Set page...

CVE-2013-4953

SQL injection vulnerability in play.php in Top Games Script 1.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter...

CVE-2015-6519

SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php...

CVE-2012-4265

SQL injection vulnerability in categoryedit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2013-1613

SQL injection vulnerability in the management console aka Java console on the Symantec Security Information Manager SSIM appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2012-3477

SQL injection vulnerability in signupcheck.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action...

CVE-2019-5991

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2014-4741

SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter...

CVE-2010-0471

SQL injection vulnerability in the comment submission interface includes/comment.php in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVE-2012-6586

Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the 1 garage1 or 2 bathrooms1 parameter to vacation/1mobile/search.php, or 3 unspecified input to vacation/widgate/requestmoreinformation.php...

CVE-2011-1522

Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the 1 limit or 2 offset field...

CVE-2013-1400

Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or pollid parameter in a viewPollResults or userlogs action...

CVE-2010-3608

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 password pw parameters to a admin.php or b user.php...

CVE-2011-4949

SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/withdb/loaddetails.php in EGroupware Enterprise Line EPL before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2013-5091

SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might be a duplicate of CVE-2011-4559...

CVE-2013-4827

SQL injection vulnerability in HP Intelligent Management Center iMC and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664...

CVE-2014-9457

SQL injection vulnerability in classes/monodisplay.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php...

CVE-2014-9435

Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the 1 sectionID parameter to admin/managersection.php, 2 userID parameter to admin/edituser.php, 3 username parameter to admin/admin.php, or 4 title parameter to...