Vulnerabilities (CVE)

Filtered by CWE-89
Total 19668 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1865 1 Csphere 1 Clansphere 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
CVE-2010-1863 1 Clantiger 1 Clantiger 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter.
CVE-2010-1859 1 Deluxebb 1 Deluxebb 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread.
CVE-2010-1857 1 Realitymedias 1 Repairshop2 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a products.details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1855 1 Phpscripte24 1 Pay Per Watch \& Bid Auktions System 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2010-1744 1 Alibabaclone 1 B2b Gold Script 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1743 1 Satyadeep 1 Scratcher 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1741 1 Billwerx 1 Billwerx Rc 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in request_account.php in Billwerx RC 5.2.2 PL2 allows remote attackers to execute arbitrary SQL commands via the primary_number parameter.
CVE-2010-1740 1 Freeguppy 1 Guppy 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote attackers to execute arbitrary SQL commands via the lng parameter.
CVE-2010-1739 1 Joomla 2 Com Newsfeeds, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
CVE-2010-1733 1 Ocsinventory-ng 1 Ocs Inventory Ng 2026-06-16 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All softwares" search form, reachable through index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1727 1 Aspsiteware 1 Jobpost 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in type.asp in JobPost 1.0 allows remote attackers to execute arbitrary SQL commands via the iType parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1726 1 Alibabaclone 1 Ec21 Clone 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1725 1 Alibabaclone 1 Alibaba Clone Platinum 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1721 2 Joomla, Thethinkery 2 Joomla\!, Com Iproperty 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
CVE-2010-1720 2 Joomla, Qproje 2 Joomla\!, Com Qpersonel 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1713 1 Postnuke 1 Postnuke 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action.
CVE-2010-1708 1 Freerealty.rwcinc 1 Free Realty 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
CVE-2010-1706 1 2daybiz 1 Auction Script 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information.