Total
17789 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1029 | 1 Tubeace | 1 Tube Ace | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4927 | 1 Limesurvey | 1 Limesurvey | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php. | |||||
| CVE-2012-5334 | 1 Preprojects | 1 Pre Printing Press | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_desc.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2012-5766 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560. | |||||
| CVE-2011-2751 | 1 Parodia | 1 Parodia | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-0432 | 1 Simon Pamies | 1 Pywebdav | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2254 | 2 Joomla, Shape5 | 2 Joomla\!, Bridge Of Hope Template | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | |||||
| CVE-2011-1556 | 1 Aphpkb | 1 Aphpkb | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote attackers to execute arbitrary SQL commands via the pdfa parameter. | |||||
| CVE-2010-5062 | 1 Mh Products | 1 Kleinanzeigenmarkt | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-4866 | 1 Chipmunk-scripts | 1 Chipmunk Board | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter. | |||||
| CVE-2013-1613 | 1 Symantec | 2 Security Information Manager, Security Information Manager Appliance | 2025-04-11 | 4.7 MEDIUM | N/A |
| SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0333 | 2 Matthias Graubner, Typo3 | 2 Mg Help, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4280 | 1 Artica | 1 Pandora Fms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php. | |||||
| CVE-2010-1493 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | |||||
| CVE-2013-1434 | 1 Cacti | 1 Cacti | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1055 | 1 Lingxia273 | 1 Lingxia I.c.e Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the session.user_id parameter to media.cfm. | |||||
| CVE-2010-4365 | 2 Harmistechnology, Joomla | 2 Com Jeajaxeventcalendar, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php. | |||||
| CVE-2013-1842 | 1 Typo3 | 1 Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values." | |||||
| CVE-2010-4152 | 1 4site | 1 4site Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646. | |||||
| CVE-2009-4892 | 1 Webjump | 1 Webjump\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php. | |||||