15278 matches found
CVE-2010-4898
SQL injection vulnerability in the Gantry comgantry component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php...
CVE-2015-2201
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users...
CVE-2010-4720
SQL injection vulnerability in the JExtensions JE Auto comjeauto component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page...
CVE-2010-1096
Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the 1 txtgender and 2 txtlookgender parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...
CVE-2016-11017
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter a failed login attempt returns the command-injection output to a limited login failure field. This is...
CVE-2010-1051
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-1019
SQL injection vulnerability in the Simple Gallery sksimplegallery extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-2324
Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...
CVE-2010-0956
SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2016-20016
MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...
CVE-2011-4829
SQL injection vulnerability in the comlisting component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the categoryid parameter to index.php...
CVE-2011-1571
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors...
CVE-2009-2915
SQL injection vulnerability in 2flygift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action...
CVE-2009-4691
SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter...
CVE-2002-1898
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window...
CVE-2002-1843
Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the $text variable in SpelCheck.pm or 2 the $filename variable in HTMLPlog.pm...
CVE-2005-2165
read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters...
CVE-2009-2614
SQL injection vulnerability in zadminlogin.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3500
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to main.php and 2 gameid parameter to game.php...
CVE-2005-1412
SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter...