Vulnerabilities (CVE)

Filtered by CWE-89
Total 19675 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2133 1 Mylittleforum 1 My Little Forum 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942.
CVE-2010-2131 2 Mario Matzulla, Typo3 2 Cal, Typo3 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via iCalendar data.
CVE-2010-2124 1 Bartels-schoene 1 Conpresso 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2095 1 Cmsqlite 1 Cmsqlite 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2010-2092 1 Cacti 1 Cacti 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query.
CVE-2010-2051 1 Debliteck 1 Dbcart 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2047 1 Joenasejes 1 Je Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these details are obtained from third party information.
CVE-2010-2044 2 Adhie Utomo, Joomla 2 Com Konsultasi, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php.
CVE-2010-2042 1 Shopex 1 Ecshop 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-2019 1 Bukulokomedia 1 Lokomedia Cms 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-2016 1 Imagetraders 1 Iceberg Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter.
CVE-2010-2015 1 Createch-group 1 Lisk Cms 2026-06-16 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.
CVE-2010-2012 1 Sebrac.webcindario 1 Migascms 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information.
CVE-2010-1994 1 Tomatocms 1 Tomatocms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATH_INFO.
CVE-2010-1950 2 Emultisoft, Joomla 2 Com Jnewspaper, Joomla\! 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1949 2 Emultisoft, Joomla 2 Com Jnewspaper, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1931 1 Cubecart 1 Cubecart 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 through 4.3.9 allows remote attackers to execute arbitrary SQL commands via the shipKey parameter to index.php.
CVE-2010-1925 1 Rifat Kurban 1 Tekno.portal 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-2817.
CVE-2010-1924 1 Phpscripte24 1 Live Shopping Multi Portal System 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter.
CVE-2010-1923 1 Phpscripte24 1 Web Social Network Freunde Community 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.