Total
17789 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4934 | 1 Svcreation | 1 Get Tube | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-1815 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1009 | 2 Joachim-ruhs, Typo3 | 2 Educator, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | |||||
| CVE-2010-4887 | 2 Raphael Zschorsch, Typo3 | 2 Commentsbe, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-6039 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter. | |||||
| CVE-2010-4632 | 1 Pilotcart | 1 Pilot Cart | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688. | |||||
| CVE-2010-3211 | 2 Jextn, Joomla | 2 Com Jefaqpro, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action. | |||||
| CVE-2008-7267 | 1 Boka | 1 Siteengine | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2912 | 1 Kayako | 1 Esupport | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. | |||||
| CVE-2011-1061 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. | |||||
| CVE-2010-1301 | 1 Merethis | 1 Centreon | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter. | |||||
| CVE-2011-1913 | 1 Mercator | 1 Sentinel | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-5167 | 1 Atutor | 1 Acontent | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to user/user_password.php. | |||||
| CVE-2009-4802 | 2 Joachim Ruhs, Typo3 | 2 Flat Manager, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5213 | 1 Browsercrm | 1 Browsercrm | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php. | |||||
| CVE-2010-4946 | 1 Allpcscript | 1 Allpc | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
| CVE-2010-0673 | 2 Copperleaf, Wordpress | 2 Photolog, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||
| CVE-2011-4674 | 1 Zabbix | 1 Zabbix | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter. | |||||
| CVE-2010-2614 | 1 Grafik-power | 1 Grafik Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit_page action. | |||||