15278 matches found
CVE-2009-3418
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...
CVE-2006-7005
SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-0479
Multiple SQL injection vulnerabilities in admin/adminlogin.php in Online Grades 3.2.4 allow remote attackers to execute arbitrary SQL commands via the 1 uname or 2 pword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2004-2183
Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string...
CVE-2003-0902
Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands...
CVE-2005-2205
The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string...
CVE-2009-1851
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3059
Multiple SQL injection vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via 1 core/select.php or 2 the city parameter to topadd.inc.php, reachable through sboard.php...
CVE-2002-2113
search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the template parameter...
CVE-2002-1998
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtablecreate procedure 21...
CVE-2002-1964
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors...
CVE-2002-1959
Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output...
CVE-2002-1868
Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields...
CVE-2002-1854
Rlaj whois CGI script whois.cgi 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field...
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-1083
Sun Java System Identity Manager IdM 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving "resource adapters."...
CVE-2009-3819
Unspecified vulnerability in the Random Images maagrandomimage extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors...
CVE-2000-1223
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request...
CVE-2007-3841
Unspecified vulnerability in Pidgin formerly Gaim 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales...
CVE-2006-5738
Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors...