Vulnerabilities (CVE)

Filtered by CWE-89
Total 19677 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2714 1 Tcwonline 1 Tcw Php Album 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2010-2699 1 Edgephp 1 Clickbank Affiliate Marketplace Script 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2010-2696 1 Sijio 1 Community Software 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVE-2010-2694 2 Joomla, Redcomponent 2 Joomla\!, Com Redshop 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
CVE-2010-2691 1 2daybiz 1 Custom T-shirt Design Script 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Design Script allow remote attackers to execute arbitrary SQL commands via the (1) sbid parameter to products_details.php, (2) pid parameter to products/products.php, and (3) designid parameter to designview.php.
CVE-2010-2690 2 Jooforge, Joomla 2 Com Gamesbox, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php.
CVE-2010-2689 1 Internetdm 1 Webdm Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS allows remote attackers to execute arbitrary SQL commands via the cf_id parameter.
CVE-2010-2688 1 Site2nite 1 Boat Classifieds 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-2687 1 Site2nite 1 Boat Classifieds 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in printdetail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVE-2010-2686 1 Topmanage 1 Olk Module 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters, as reachable from olk/c_p/searchCart.asp, and other unspecified vectors when performing an advanced search. NOTE: some of these details are obtained from third party information.
CVE-2010-2684 1 Customerparadigm 1 Pagedirector Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2683 1 Customerparadigm 1 Pagedirector Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter.
CVE-2010-2679 1 Joomla 2 Com Weblinks, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-2678 2 Guillermo Vargas, Joomla 2 Com Xmap, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-2674 1 Alanzard 1 Tsoka\ 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
CVE-2010-2673 1 Devana 1 Devana 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2672 1 Ez 1 Ez Publish 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.
CVE-2010-2670 1 Brotherscripts 1 Recipe Website 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2635 1 Ibm 1 Websphere Commerce 2026-06-16 6.5 MEDIUM N/A
SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages."
CVE-2010-2624 1 Iscripts 1 Easysnaps 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.