Total
17788 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0342 | 1 Typo3 | 2 Job Reports, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4782 | 1 Softwebsnepal | 1 Ananda Real Estate | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) city, (2) state, (3) country, (4) minprice, (5) maxprice, (6) bed, and (7) bath parameters, different vectors than CVE-2006-6807. | |||||
| CVE-2011-1546 | 1 Aphpkb | 1 Aphpkb | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to (1) a_viewusers.php or (2) keysearch.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (3) id or (4) start parameter to pending.php, or the (5) aid parameter to a_authordetails.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1669 | 1 Mahara | 1 Mahara | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-4061 | 1 Asp-dev | 1 Xm Diary | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diary_view.asp or (2) view_date parameter to default.asp. | |||||
| CVE-2012-2684 | 2 Redhat, Trevor Mckay | 2 Enterprise Mrg, Cumin | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id. | |||||
| CVE-2012-3951 | 1 Sonicwall | 1 Scrutinizer | 2025-04-11 | 7.5 HIGH | N/A |
| The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session. | |||||
| CVE-2010-0956 | 1 Opencart | 1 Opencart | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2009-4722 | 1 Limny | 1 Limny | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2010-4862 | 2 Harmistechnology, Joomla | 2 Com Jedirectory, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | |||||
| CVE-2010-1341 | 1 Systemsoftware | 1 Community Black Forum | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. | |||||
| CVE-2010-4955 | 1 Php-programs | 1 Apboard Developers Apboard | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. | |||||
| CVE-2010-0372 | 2 Hong Chuyen, Joomla | 2 Com Articlemanager, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. | |||||
| CVE-2012-3953 | 1 Phplist | 1 Phplist | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page. | |||||
| CVE-2010-4969 | 1 Brotherscripts | 1 Business Directory | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4926 | 2 Joomla, Timetrack | 2 Joomla\!, Com Timetrack | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | |||||
| CVE-2012-6626 | 1 Brian Cabunac | 1 Browser To Email Phone Message System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote attackers to execute arbitrary SQL commands via the username field. | |||||
| CVE-2011-5103 | 1 Alurian | 1 Prismotube Video Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2010-0139 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 9.0 HIGH | N/A |
| Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691. | |||||
| CVE-2010-0115 | 1 Symantec | 2 Web Gateway, Web Gateway Appliance | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. | |||||