CVE-2010-4503

SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...

CVE-2015-10054

A vulnerability, which was classified as critical, was found in githuis P2Manage. This affects the function Execute of the file PTwoManage/Database.cs. The manipulation of the argument sql leads to sql injection. The identifier of the patch is 717380aba80002414f82d93c770035198b7858cc. It is...

CVE-2014-3935

SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter...

CVE-2009-2128

SQL injection vulnerability in closebug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title aka subject field...

CVE-2009-2146

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition aka SugarCRM before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...

CVE-2004-2178

SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2002-2351

Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." dot...

CVE-2009-3119

SQL injection vulnerability in screen.php in the Download System mSF dsmsf module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the viewid parameter...

CVE-2009-4970

SQL injection vulnerability in the t3maffiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-1909

SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2007-5927

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. dot dot in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926...

CVE-2008-3754

SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2004-2668

SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2005-2684

nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query...

CVE-2005-2867

SQL injection vulnerability in BlueWhaleCRM allows remote attackers to execute arbitrary SQL commands via the Account ID field...

CVE-2003-0654

Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail...

CVE-2009-4979

Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 where, 2 sort, 3 order, and 4 Match parameters...

CVE-2003-0452

Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via 1 long environment variables or 2 long "file redirections."...

CVE-2005-2153

SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable...

CVE-2002-2395

InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding...