Total
15981 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4996 | 1 Esoftpro | 1 Online Guestbook Pro | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2013-3530 | 2 Fabricio Zuardi, Wordpress | 2 Xspf Player Plugin, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | |||||
| CVE-2010-1538 | 1 Bluestrikeweb | 1 Phpraincheck | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4933 | 1 Winterwebs | 1 Ezwebitor | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4237 | 1 Tecnick | 1 Tcexam | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subject_module_id parameter to (1) tce_edit_answer.php or (2) tce_edit_question.php. | |||||
| CVE-2010-1346 | 1 Ribafs | 1 Mini Cms Ribafs | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-2306 | 2 Drupal, Willem Van Der Plaat | 2 Drupal, Addressbook | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4872 | 1 Pilotcart | 1 Pilot Cart | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter. | |||||
| CVE-2012-6626 | 1 Brian Cabunac | 1 Browser To Email Phone Message System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote attackers to execute arbitrary SQL commands via the username field. | |||||
| CVE-2009-4783 | 1 Mntechsolutions | 1 Theeta Cms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php. | |||||
| CVE-2013-4681 | 2 Michael Staatz, Typo3 | 2 Sofortueberweisung2commerce, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-7219 | 1 2glux | 1 Com Sexypolling | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter. | |||||
| CVE-2010-1600 | 2 Joomla, Thefactory | 2 Joomla\!, Com Mediamall | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | |||||
| CVE-2010-4845 | 1 Mhproducts | 1 Projekt Shop | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php. | |||||
| CVE-2011-5116 | 1 Setseed | 1 Setseed Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11.2, and earlier allows remote attackers to execute arbitrary SQL commands via the loggedInUser cookie. | |||||
| CVE-2012-5313 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter. | |||||
| CVE-2011-3988 | 1 Lockon | 1 Ec-cube | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-3922 | 1 Sixapart | 1 Movabletype | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1493 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | |||||
| CVE-2011-2403 | 1 Hp | 1 Network Automation | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||