CVE-2003-0040

SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name...

Simple Machines Forum %lt; 1.1.4 / 1.0.12 SQL Injection

Binary data 4574.prm...

CVE-2004-2066

SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the 1 linphauserid or 2 linphapassword cookies...

CVE-2004-2042

Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via 1 content parameter to content.php, 2 contentid parameter to content.php, or 3 list parameter to news.php...

CVE-2004-0272

CVE-2004-0272 describes an SQL injection vulnerability in MaxWebPortal that allows remote attackers to inject arbitrary SQL via the SendTo parameter in Personal Messages, potentially exposing sensitive information. The NVD reports a CVSS v2 base score of 7.5 (HIGH) with network access, low attack...

Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection

Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection source: https://www.securityfocus.com/bid/9134/info It has been reported that VP-ASP may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL co...

VieNuke VieBoard 2.6 - SQL Injection

VieNuke VieBoard 2.6 - SQL Injection source: https://www.securityfocus.com/bid/8967/info It has been reported that VieNuke VieBoard may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database...

CVE-2001-1369

The CVE-2001-1369 issue affects pam-pgsql prior to 0.5.2. It allows remote attackers to bypass authentication or modify user records by injecting SQL into the user or password fields, thereby executing arbitrary SQL. Root cause is SQL injection in authentication-related input. The provided docume...

PHP-Nuke x.x AND PostNuke SQL Injection

Hello again, just to say that PostNuke fork of PHP-Nuke is vulnerable to the same bugs AND it is possible to inject different SQL code in order to do other "funny" but "dangerous" things. Note to the guys of those projects: Filter those URL entries!!! Cheers, Pedro Inacio...

CVE-2002-0555

IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it...

CVE-2001-1224

getinput in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack...

CVE-2001-0848

join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon ; in a form variable...

CVE-2001-0848

CVE-2001-0848 affects join.cfm in e-Zone Media Fuse Talk, where a local user can inject and execute arbitrary SQL through a semicolon in a form variable. The vulnerability is tied to SQL injection in the application’s handling of input data, enabling partial confidentiality/integrity/availability...

RUS-CERT Advisory 2001-08:01

Vulnerabilities in several Apache authentication modules RUS-CERT has discovered that several Apache authentication modules which use SQL databases to store authentication information are vulnerable to a remote SQL code injection attack. Systems Affected Any Apache server using database-based...

RUS-CERT.apache.auth.txt

Vulnerabilities in several Apache authentication modules RUS-CERT has discovered that several Apache authentication modules which use SQL databases to store authentication information are vulnerable to a remote SQL code injection attack. Systems Affected Any Apache server using database-based...