Total
17793 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1294 | 1 Contimex | 1 Impulsio Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2013-6931 | 1 Cybozu | 1 Garoon | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929. | |||||
| CVE-2010-1089 | 1 Phptroubleticket | 1 Php Trouble Ticket | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-4734 | 3 Microsoft, Parallels, Redhat | 3 Windows, Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files. | |||||
| CVE-2010-1004 | 2 Mischa Heimann, Typo3 | 2 Yatse, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1656 | 1 Airiny | 1 Com Abc | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sectionid parameter in an abc action to index.php. | |||||
| CVE-2009-4862 | 1 Abushhab | 1 Alwasel | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php. | |||||
| CVE-2010-1346 | 1 Ribafs | 1 Mini Cms Ribafs | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-2325 | 1 Mybb | 1 Mybb | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0980 | 1 Mitchell Sleeper | 1 L4d Stats | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter. | |||||
| CVE-2011-4521 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input. | |||||
| CVE-2010-1468 | 2 Focusdev, Joomla | 2 Com Mv Restaurantmenumanager, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php. | |||||
| CVE-2010-0334 | 2 Francisco Cifuentes, Typo3 | 2 Vote For Tt News, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-5060 | 1 Internet-works | 1 Nus Newssystem | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-4559 | 1 Vtiger | 1 Vtiger Crm | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. | |||||
| CVE-2010-1743 | 1 Satyadeep | 1 Scratcher | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-3132 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS. | |||||
| CVE-2011-1060 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | |||||
| CVE-2010-2044 | 2 Adhie Utomo, Joomla | 2 Com Konsultasi, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php. | |||||
| CVE-2009-4701 | 2 Liviu Mitrofan, Typo3 | 2 Myth Download, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||