Total
17788 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5162 | 1 Osclass | 1 Osclass | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php. | |||||
| CVE-2010-0338 | 1 Typo3 | 2 Ttpedit, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-5121 | 1 Phpfox | 1 Phpfox | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/. | |||||
| CVE-2010-4855 | 1 Aspindir | 1 Xweblog | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | |||||
| CVE-2011-1048 | 1 Mihantools | 1 Mihantools | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-0244 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attackers to execute arbitrary SQL commands via crafted string input. | |||||
| CVE-2010-1865 | 1 Csphere | 1 Clansphere | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php). | |||||
| CVE-2010-4774 | 1 Auracms | 1 Auracms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171. | |||||
| CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4360 | 1 Jurpo | 1 Jurpopage | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) note and (2) pg parameters, different vectors than CVE-2010-4359. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2012-3477 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action. | |||||
| CVE-2012-3839 | 1 Myclientbase | 1 Myclientbase | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search. | |||||
| CVE-2010-1705 | 1 Rocky.nu | 1 Modelbook | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter. | |||||
| CVE-2011-4215 | 1 Oneorzero | 1 Aims | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable. | |||||
| CVE-2010-0671 | 1 Michalin | 1 Kr Media Pogodny Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action. | |||||
| CVE-2010-4876 | 1 Mblogger Project | 1 Mblogger | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter. | |||||
| CVE-2011-5224 | 2 Trioniclabs, Wordpress | 2 Sentinel, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-4070 | 1 Dir2web | 1 Dir2web | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php. | |||||
| CVE-2010-2610 | 1 2daybiz | 1 Job Site Script | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php. | |||||
| CVE-2012-2236 | 1 Ryan Walberg | 1 Php Gift Registry | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action. | |||||