Total
16023 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-5047 | 1 V-eva | 1 Press Release Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4935 | 1 Khader Abbeb | 1 Entrans | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2011-3838 | 1 Wuzly | 1 Wuzly | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php. | |||||
| CVE-2010-4970 | 1 Wikiwebhelp | 1 Wiki Web Help | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2910 | 2 Alexred, Joomla | 2 Com Oziogallery, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2010-1092 | 1 Scriptsfeed | 1 Business Directory Software | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters. | |||||
| CVE-2012-0199 | 1 Ibm | 1 Tivoli Provisioning Manager Express For Software Distribution | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allow remote attackers to execute arbitrary SQL commands via (1) a SOAP message to the Printer.getPrinterAgentKey function in the SoapServlet servlet, (2) the User.updateUserValue function in the register.do servlet, (3) the User.isExistingUser function in the logon.do servlet, (4) the Asset.getHWKey function in the CallHomeExec servlet, (5) the Asset.getMimeType function in the getAttachment (aka GetAttachmentServlet) servlet, (6) the addAsset.do servlet, or (7) a crafted EG2 file. | |||||
| CVE-2012-5290 | 1 Wcs4web | 1 Easywebrealestate | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php. | |||||
| CVE-2012-2908 | 1 Viscacha | 1 Viscacha | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter. | |||||
| CVE-2010-1463 | 1 Webasyst Llc | 1 Shop-script | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the (1) add2cart, (2) c_id, (3) categoryID, (4) list_price, (5) name, (6) new_offer, (7) price, (8) product_code, (9) productID, (10) rating, and (11) save_product parameters. | |||||
| CVE-2013-0123 | 1 Askia | 1 Askiaweb | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgHistory.asp or (2) the OrderBy parameter to WebProd/pages/pgadmin.asp. | |||||
| CVE-2010-2826 | 1 Cisco | 1 Wireless Control System Software | 2025-04-11 | 9.0 HIGH | N/A |
| SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019. | |||||
| CVE-2011-1061 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. | |||||
| CVE-2013-5723 | 1 Sap | 1 Netweaver | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE." | |||||
| CVE-2012-5350 | 1 Wordpress | 2 Pay-with-tweet, Wordpress | 2025-04-11 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in a paywithtweet shortcode. | |||||
| CVE-2009-4709 | 2 Dirk Maiwert, Typo3 | 2 Datamints Newsticker, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4908 | 1 Virtuenetz | 1 Virtue Shopping Mall | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter. | |||||
| CVE-2011-5145 | 1 Obm | 1 Open Business Management | 2025-04-11 | 5.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id or (2) action parameter to obm.php; (3) tf_user parameter in a search action to group/group_index.php; (4) tf_delegation, (5) tf_ip, (6) tf_name to host/host_index.php; or (7) lang, (8) theme, (9) cal_alert, (10) cal_first_hour, (11) cal_interval, (12) cal_last_hour, (13) commentorder, (14) csv_sep, (15) date, (16) date_upd, (17) debug_exe, (18) debug_id, (19) debug_param, (20) debug_sess, (21) debug_solr, (22) debug_sql, (23) dsrc, (24) menu, (25) rows, (26) sel_display_days, (27) timeformat, (28) timezone, or (29) todo parameter to settings/settings_index.php. | |||||
| CVE-2010-4702 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1364 | 1 Uiga | 1 Personal Portal | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information. | |||||