Total
16038 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0459 | 2 Joomla, Yoflash | 2 Joomla\!, Com Mochigames | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2013-6929 | 1 Cybozu | 1 Garoon | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input. | |||||
| CVE-2010-0702 | 1 Netfortris | 1 Trixbox | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-7302 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file." | |||||
| CVE-2012-2962 | 1 Sonicwall | 1 Scrutinizer | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2011-5091 | 1 Grboard | 1 Grboard | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php. | |||||
| CVE-2012-6507 | 1 Jason Sexauer | 1 Churchcms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action. | |||||
| CVE-2010-2047 | 1 Joenasejes | 1 Je Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4686 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter. | |||||
| CVE-2011-3831 | 1 Sitracker | 1 Support Incident Tracker | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name. | |||||
| CVE-2013-7094 | 1 Sap | 1 Netweaver | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4284 | 1 Samsung | 1 Data Management Server | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-1206 | 1 Openwebanalytics | 1 Open Web Analytics | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php. | |||||
| CVE-2012-2338 | 1 Johan Cwiklinski | 1 Galette | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php. | |||||
| CVE-2012-4282 | 1 Toocharger | 1 Trombinoscope | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1271 | 1 Smart-plugs | 1 Smartplugs | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | |||||
| CVE-2013-4870 | 2 News Search Project, Typo3 | 2 News Search, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the News Search (news_search) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-5328 | 2 Cartpauj, Wordpress | 2 Mingle-forum, Wordpress | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php. | |||||
| CVE-2010-1660 | 1 Clscript | 1 Clscript Classifieds Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter. | |||||
| CVE-2010-0333 | 2 Matthias Graubner, Typo3 | 2 Mg Help, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||