Total
16001 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4905 | 1 Softbizscripts | 1 Article Directory Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter. | |||||
| CVE-2013-7262 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter. | |||||
| CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | |||||
| CVE-2013-6983 | 1 Cisco | 1 Unified Presence Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615. | |||||
| CVE-2010-1368 | 1 Gamescript | 1 Gamescript | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action. | |||||
| CVE-2013-5517 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-11 | 5.5 MEDIUM | N/A |
| SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567. | |||||
| CVE-2010-3212 | 1 Seagullproject.org | 1 Seagull | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO. | |||||
| CVE-2010-5055 | 1 Almnzm | 1 Almnzm | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0722 | 1 Mhproducts | 1 Php Auktion Pro | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0980 | 1 Mitchell Sleeper | 1 L4d Stats | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter. | |||||
| CVE-2012-5297 | 1 Mavili Guestbook Project | 1 Mavili Guestbook | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4949 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-2236 | 1 Ryan Walberg | 1 Php Gift Registry | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action. | |||||
| CVE-2012-2109 | 2 Buddypress, Wordpress | 2 Buddypress, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action. | |||||
| CVE-2011-4571 | 2 Eaimproved, Joomla | 2 Com Estateagent, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php. | |||||
| CVE-2010-0673 | 2 Copperleaf, Wordpress | 2 Photolog, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||
| CVE-2013-3721 | 1 Psychostats | 1 Psychostats | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | |||||
| CVE-2010-2135 | 1 Hazelpress | 1 Hazelpress | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields. | |||||
| CVE-2013-3527 | 1 Vanillaforums | 1 Vanilla | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest. | |||||
| CVE-2011-3615 | 1 Simplemachines | 1 Smf | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from third party information. | |||||