Vulnerabilities (CVE)

Filtered by CWE-89
Total 19658 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1426 1 Modxcms 1 Modxcms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors related to WebLogin.
CVE-2010-1372 2 Hdflvplayer, Joomla 2 Com Hdflvplayer, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-1370 1 Preprojects 1 Pre Classified Listings Asp 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2010-1369 1 Preprojects 1 Pre Classified Listings Asp 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2010-1368 1 Gamescript 1 Gamescript 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action.
CVE-2010-1366 1 Uiga 1 Fan Club 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters.
CVE-2010-1365 1 Uiga 1 Fan Club 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
CVE-2010-1364 1 Uiga 1 Personal Portal 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information.
CVE-2010-1363 2 Extremejoomla, Joomla 2 Com J-projects, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
CVE-2010-1359 2 Bluegate, Xt-commerce 2 Direct Url, Xt-commerce 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1350 2 Joomla, Joomlaprojects 2 Joomla\!, Com Jp Jobs 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1346 1 Ribafs 1 Mini Cms Ribafs 2026-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
CVE-2010-1343 1 Bjsintay 1 Sitex 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter.
CVE-2010-1341 1 Systemsoftware 1 Community Black Forum 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter.
CVE-2010-1338 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.
CVE-2010-1336 1 Invohost 1 Invohost 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1331 1 Heartlogic 1 Hl-sitemanager 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2010-1327 1 Tornadostore 1 Tornadostore 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3.
CVE-2010-1301 1 Merethis 1 Centreon 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter.