Total
16001 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5766 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560. | |||||
| CVE-2010-2909 | 2 Joomla, Toughtomato | 2 Joomla\!, Com Ttvideo | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. | |||||
| CVE-2012-6520 | 1 Wikidforum | 1 Wikidforum | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. NOTE: this issue could not be reproduced by third parties. | |||||
| CVE-2010-4862 | 2 Harmistechnology, Joomla | 2 Com Jedirectory, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | |||||
| CVE-2012-0747 | 1 Ibm | 6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5183 | 1 Bioinformatics | 1 Ordersys | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execute arbitrary SQL commands via the where_clause parameter to (1) index.php, (2) index_long.php, or (3) index_short.php in ordering/interface_creator/. | |||||
| CVE-2010-1366 | 1 Uiga | 1 Fan Club | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters. | |||||
| CVE-2014-0727 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318. | |||||
| CVE-2010-2319 | 1 Idevspot | 1 Textads | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2009-4792 | 1 Karl Core | 1 Bandsite Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php. | |||||
| CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla\!, Com Aardvertiser | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4738 | 1 Raemedia | 1 Real Estate Single And Multi Agent System | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System. | |||||
| CVE-2010-4363 | 1 Mrcgiguy | 1 Freeticket | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) email parameters in a showtickets action. | |||||
| CVE-2009-4698 | 2 Alexandre Amaral, Xoops | 2 Xoops Celepar, Xoops | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | |||||
| CVE-2011-5235 | 1 Mnogosearch | 1 Mnogosearch | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. | |||||
| CVE-2010-4860 | 1 Galaxyscriptz | 1 Myphpauction | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1725 | 1 Alibabaclone | 1 Alibaba Clone Platinum | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1093 | 1 1024cms | 1 1024 Cms | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action. | |||||
| CVE-2012-1294 | 1 Contimex | 1 Impulsio Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2013-7193 | 1 Etoshop | 1 C2c Forward Auction Creator | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp. | |||||