Vulnerabilities (CVE)

Filtered by CWE-89
Total 19623 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0724 1 Mhd Zaher Ghaibeh 1 Arab Cart 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0723 1 Mhproducts 1 Ero Auktion 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0722 1 Mhproducts 1 Php Auktion Pro 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0721 1 Systemsoftware 1 Auktionshaus Gelb 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0720 1 Systemsoftware 1 Erotik Auktionshaus 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0712 1 Zenoss 1 Zenoss 2026-06-16 6.5 MEDIUM N/A
Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters.
CVE-2010-0710 1 Aspcodecms 1 Aspcode Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0702 1 Netfortris 1 Trixbox 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-0701 1 Newgensoft 1 Omnidocs 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0698 1 Dynamicsoft 1 Wsc Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0694 2 Joomla, Percha 2 Joomla, Com Perchagallery 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php.
CVE-2010-0693 1 Commodityrentals 1 Trade Manager Script 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2010-0692 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0691 1 Jtl-software 1 Jtl-shop 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter.
CVE-2010-0690 1 Commodityrentals 1 Video Games Rentals 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action.
CVE-2010-0677 1 Katalog.hurricane 1 Katalog Stron Hurricane 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter.
CVE-2010-0673 2 Copperleaf, Wordpress 2 Photolog, Wordpress 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter.
CVE-2010-0672 1 Webmastersite 1 Wsn Guest 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
CVE-2010-0671 1 Michalin 1 Kr Media Pogodny Cms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action.
CVE-2010-0635 2 Jevents, Joomla 2 Jevents Search Plugin, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information.