Total
19746 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0434 | 1 Gplhost | 1 Domain Technologie Control | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php. | |||||
| CVE-2011-0432 | 1 Simon Pamies | 1 Pywebdav | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0407 | 1 Phenotype-cms | 1 Phenotype Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5317 | 1 Basic-cms | 1 Sweetrice | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the file_name parameter in an attachment action, (2) the post parameter in a show_comment action, (3) the sys-name parameter in an rssfeed action, or (4) the sys-name parameter in a view action. | |||||
| CVE-2010-5287 | 1 Cstech | 1 Webconductor | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5103 | 1 Typo3 | 1 Typo3 | 2026-06-16 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-5096 | 1 Mybb | 1 Mybb | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error. | |||||
| CVE-2010-5083 | 1 Phpnuke | 2 Php-nuke, Web Links Module | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php. | |||||
| CVE-2010-5063 | 1 Vwar | 1 Virtual War | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter. | |||||
| CVE-2010-5062 | 1 Mh Products | 1 Kleinanzeigenmarkt | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-5061 | 1 Rsstatic | 1 Rsstatic | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RSStatic allows remote attackers to execute arbitrary SQL commands via the maxarticles parameter. | |||||
| CVE-2010-5060 | 1 Internet-works | 1 Nus Newssystem | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5059 | 1 Cmscout | 1 Cmscout | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action. | |||||
| CVE-2010-5058 | 1 Alephsystem | 1 Cms Ariadna | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the res_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5057 | 1 Alephsystem | 1 Cms Ariadna | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the tipodoc_id parameter. | |||||
| CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | |||||
| CVE-2010-5055 | 1 Almnzm | 1 Almnzm | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5053 | 2 Joomla, Php-shop-system | 2 Joomla\!, Com Xobbix | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | |||||
| CVE-2010-5049 | 1 Zabbix | 1 Zabbix | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter. | |||||
| CVE-2010-5047 | 1 V-eva | 1 Press Release Script | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
