Total
15984 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1857 | 1 Realitymedias | 1 Repairshop2 | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a products.details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2012-3477 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action. | |||||
| CVE-2010-4859 | 1 Webasyst | 1 Shop-script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blog_id parameter in a news action. | |||||
| CVE-2009-4702 | 2 Markus Barchfeld, Typo3 | 2 Pm Tour, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-1071 | 2 Mathieu Vidal, Typo3 | 2 Mv Cooking, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012. | |||||
| CVE-2010-4891 | 2 Andreas Kiefer, Typo3 | 2 Ke Yac, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1350 | 2 Joomla, Joomlaprojects | 2 Joomla\!, Com Jp Jobs | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2012-2740 | 1 Phplist | 1 Phplist | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action. | |||||
| CVE-2010-1045 | 2 Design-cars, Joomla | 2 Com Productbook, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4989 | 1 Farsi-cms | 1 Ziggurat Farsi Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter. | |||||
| CVE-2012-4990 | 1 Openx | 1 Openx | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action. | |||||
| CVE-2010-5103 | 1 Typo3 | 1 Typo3 | 2025-04-11 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5215 | 1 2daybiz | 1 Video Community Portal Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5061 | 1 Rsstatic | 1 Rsstatic | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RSStatic allows remote attackers to execute arbitrary SQL commands via the maxarticles parameter. | |||||
| CVE-2012-1656 | 2 Drupal, Wesjones | 2 Drupal, Multisite Search | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the Site table prefix field. | |||||
| CVE-2013-3050 | 1 Zapms | 1 Zapms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product. | |||||
| CVE-2010-4855 | 1 Aspindir | 1 Xweblog | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter. | |||||
| CVE-2010-4902 | 2 Joomla, Joomla-clantools | 2 Joomla\!, Clantools | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. | |||||
| CVE-2010-2335 | 1 Yamamah | 1 Yamamah | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter. | |||||
| CVE-2013-5354 | 1 Sharetronix | 1 Sharetronix | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) fb_user_id or (2) tw_user_id parameter to signup. | |||||