Total
16151 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0553 | 1 Symantec | 1 Im Manager | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1994 | 1 Tomatocms | 1 Tomatocms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATH_INFO. | |||||
| CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-5091 | 1 Vlinks | 1 Vlinks | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2013-7192 | 1 Etoshop | 1 Dynamic Biz Website Builder Quickweb | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder (QuickWeb) allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/news-events/newdetail.asp, or the (2) UserID or (3) Password to login.asp. | |||||
| CVE-2010-0712 | 1 Zenoss | 1 Zenoss | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters. | |||||
| CVE-2010-5013 | 1 Mckenziecreations | 1 Virtual Real Estate Manager | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | |||||
| CVE-2012-5342 | 1 Michau Enterprises Llc | 1 Commonsense Cms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php. | |||||
| CVE-2012-5000 | 2 Blueteck, Dzcp | 2 Witze Addon, Dev\!l\'z Clanportal | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | |||||
| CVE-2012-4951 | 1 Verifone | 1 Vericentre Web Console | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter. | |||||
| CVE-2013-3522 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter. | |||||
| CVE-2010-2721 | 1 Rightinpoint | 1 Lyrics Engine | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action. | |||||
| CVE-2012-1218 | 1 Freelancerkit | 1 Freelancerkit | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components. | |||||
| CVE-2010-0981 | 2 Joomla, Templateplazza | 2 Joomla\!, Com Tpjobs | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | |||||
| CVE-2012-5312 | 1 Tribiq | 1 Tribiq Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Tribiq CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2012-5334 | 1 Preprojects | 1 Pre Printing Press | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_desc.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2010-1743 | 1 Satyadeep | 1 Scratcher | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-0672 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | |||||
| CVE-2013-0135 | 1 Chatelao | 1 Php Address Book | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) addressbook/register/edit_user_save.php; the email parameter to (4) addressbook/register/edit_user_save.php, (5) addressbook/register/reset_password.php, (6) addressbook/register/reset_password_save.php, or (7) addressbook/register/user_add_save.php; the username parameter to (8) addressbook/register/checklogin.php or (9) addressbook/register/reset_password_save.php; the (10) lastname, (11) firstname, (12) phone, (13) permissions, or (14) notes parameter to addressbook/register/edit_user_save.php; the (15) q parameter to addressbook/register/admin_index.php; the (16) site parameter to addressbook/register/linktick.php; the (17) password parameter to addressbook/register/reset_password.php; the (18) password_hint parameter to addressbook/register/reset_password_save.php; the (19) var parameter to addressbook/register/traffic.php; or a (20) BasicLogin cookie to addressbook/register/router.php. | |||||
| CVE-2009-4936 | 1 Spirate | 1 Small Pirate | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-comment_post.php (aka rss-coment_post.php), or (5) rss-pic-comment.php. | |||||