Total
18908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4703 | 1 Typo3 | 2 Typo3, Ws Gallery | 2025-04-11 | N/A |
| SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4771 | 1 Matteoiammarrone | 1 S-cms | 2025-04-11 | N/A |
| SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-3188 | 1 Ifdefined | 1 Bugtracker.net | 2025-04-11 | N/A |
| SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page. | ||||
| CVE-2009-4680 | 1 Phpdirectorysource | 1 Phpdirectorysource | 2025-04-11 | N/A |
| SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter. | ||||
| CVE-2010-4363 | 1 Mrcgiguy | 1 Freeticket | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) email parameters in a showtickets action. | ||||
| CVE-2010-4356 | 1 Site2nite | 1 Big Truck Broker | 2025-04-11 | N/A |
| SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter. | ||||
| CVE-2012-5000 | 2 Blueteck, Dzcp | 2 Witze Addon, Dev\!l\'z Clanportal | 2025-04-11 | N/A |
| SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | ||||
| CVE-2009-4673 | 1 Mole-group | 1 Adult Portal Script | 2025-04-11 | N/A |
| SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2012-3350 | 1 Valarsoft | 1 Webmatic | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | ||||
| CVE-2010-2905 | 2 Brotherscripts, Scriptsfeed | 2 Scripts Directory, Scripts Directory | 2025-04-11 | N/A |
| SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4784 | 1 Phpwebscripts | 1 Easy Banner Free | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2013-5967 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-iso27001-A11AccessControl-pot.php, (4) radar-iso27001-A10Com_OP_Mgnt-pot.php, or (5) radar-pci-potential.php in RadarReport/. | ||||
| CVE-2011-1653 | 1 Broadcom | 1 Total Defense | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures. | ||||
| CVE-2010-3029 | 1 Phpkick | 1 Phpkick | 2025-04-11 | N/A |
| SQL injection vulnerability in statistics.php in PHPKick 0.8 allows remote attackers to execute arbitrary SQL commands via the gameday parameter in an overview action. | ||||
| CVE-2010-4795 | 2 Joomla, Joomlaseller | 2 Joomla\!, Com Jscalendar | 2025-04-11 | N/A |
| SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4844 | 1 Mhproducts | 1 Easy Online Shop | 2025-04-11 | N/A |
| SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2010-4298 | 1 Dustincowell | 1 Free Simple Software | 2025-04-11 | N/A |
| SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php. | ||||
| CVE-2010-4284 | 1 Samsung | 1 Data Management Server | 2025-04-11 | N/A |
| SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4612 | 1 Hycus | 1 Hycus Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1/hlogin.html, (4) useremail parameter to user/1/forgotpass.html, and the (5) q parameter to search/1.html. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4280 | 1 Artica | 1 Pandora Fms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php. | ||||