Total
18938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0549 | 1 Symantec | 1 Web Gateway | 2025-04-11 | N/A |
| SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2011-1048 | 1 Mihantools | 1 Mihantools | 2025-04-11 | N/A |
| SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-4178 | 1 Symantec | 1 Web Gateway | 2025-04-11 | N/A |
| SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. | ||||
| CVE-2011-1061 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | N/A |
| SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. | ||||
| CVE-2011-1390 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | N/A |
| SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9, 7.1.2.x before 7.1.2.6, and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature. | ||||
| CVE-2012-4055 | 1 Uiga | 1 Fan Club | 2025-04-11 | N/A |
| SQL injection vulnerability in index2.php in Uiga Fan Club allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2011-1610 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064. | ||||
| CVE-2011-1686 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data. | ||||
| CVE-2010-4961 | 2 Dev-team Typoheads, Typo3 | 2 Webkitpdf, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-3998 | 1 Sayakbanerjee | 1 Sticky Notes | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.php, (3) user id to admin/modules/mod_users.php, (4) project to list.php, or (5) session id to show.php. | ||||
| CVE-2011-2930 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name. | ||||
| CVE-2012-3951 | 1 Sonicwall | 1 Scrutinizer | 2025-04-11 | N/A |
| The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session. | ||||
| CVE-2011-5112 | 2 Blueflyingfish, Joomla | 2 Com Alameda, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php. | ||||
| CVE-2012-3881 | 1 Adrian Chadd | 2 Rtg, Rtg2 | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php. | ||||
| CVE-2011-5103 | 1 Alurian | 1 Prismotube Video Script | 2025-04-11 | N/A |
| SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2012-3791 | 1 Cms-center | 1 Simple Web Content Management System | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in admin/; or (6) status parameter to admin/item_status.php. | ||||
| CVE-2012-1255 | 1 Segue Project | 1 Segue | 2025-04-11 | N/A |
| SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1072 | 1 Typo3 | 2 Toi Category, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1077 | 2 Manfred Egger, Typo3 | 2 Bc Post2facebook, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-0999 | 1 Lepton-cms | 1 Lepton | 2025-04-11 | N/A |
| SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the group_id parameter. | ||||