CVE-2010-1950

SQL injection vulnerability in the Online News Paper Manager comjnewspaper component 1.0 for Joomla!, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the dateinfo parameter to index.php. NOTE: the provenance of this information is unknown; the detail...

CVE-2015-1576

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

CVE-2018-7735

Afian FileRun before 2018.02.13 suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata=cpanel=listfiletypes request...

CVE-2013-5121

SQL injection vulnerability in PHPFox before 3.6.0 build6 allows remote attackers to execute arbitrary SQL commands via the searchsortby parameter to user/browse/view/...

CVE-2019-19649

Zoho ManageEngine Applications Manager before 13620 allows a remote unauthenticated SQL injection via the SyncEventServlet eventid parameter to the SyncEventServlet.java doGet function...

CVE-2012-3951

The MySQL component in Plixer Scrutinizer aka Dell SonicWALL Scrutinizer 9.0.1.19899 and earlier has a default password of admin for the 1 scrutinizer and 2 scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session...

CVE-2011-4823

Multiple SQL injection vulnerabilities in Vik Real Estate comvikrealestate component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 contract parameter in a results action and 2 imm parameter in a show action to index.php...

CVE-2018-7734

Afian FileRun before 2018.02.13 suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users=cpanel=list request...

CVE-2013-0123

Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via 1 the nHistoryId parameter to WebProd/pages/pgHistory.asp or 2 the OrderBy parameter to WebProd/pages/pgadmin.asp...

CVE-2006-6414

Multiple SQL injection vulnerabilities in dettaglio.asp in dol storye allow remote attackers to execute arbitrary SQL commands via the 1 iddoc or 2 idaut parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-3497

SQL injection vulnerability in viewlisting.php in Vastal I-Tech Agent Zone aka The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2025-5003

CVE-2025-5003 affects projectworlds Online Time Table Generator 1.0. The vulnerability is a SQL injection in the /semester_ajax.php file caused by manipulating the ID argument. It can be exploited remotely; the exploit has been disclosed publicly. Multiple sources corroborate the issue with varyi...

CVE-2025-4910

A vulnerability, which was classified as critical, has been found in PHPGurukul Zoo Management System 2.1. This issue affects some unknown processing of the file /admin/edit-animal-details.php. The manipulation of the argument aname leads to sql injection. The attack may be initiated remotely. Th...

CVE-2025-4873

A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched...

CVE-2025-4785

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched...

CVE-2025-4743

A vulnerability classified as critical was found in code-projects Employee Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /dashboard/getData.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The...

CVE-2025-4724

A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /studentprofile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely...

CVE-2024-23815

The CVE-2024-23815 entry concerns Siemens Desigo CC. Affected: Desigo CC server (all versions) where Installed Clients can reach the server from networks outside a highly protected zone, or only within highly protected zones. Issue: the server fails to authenticate certain client requests, allowi...

CVE-2025-4554

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-passreports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiat...

CVE-2025-4550

A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated...