Vulnerabilities (CVE)

Filtered by CWE-89
Total 19623 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0632 2 Joomla, Parkviewconsultants 2 Joomla\!, Com Simplefaq 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php.
CVE-2010-0631 1 Eicrasoft 1 Eicra Car Rental-script 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
CVE-2010-0630 1 Evernewscripts 1 Free Joke Script 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0614 1 Myshell 1 Evalsmsi 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
CVE-2010-0611 1 Baalsystems 1 Baal Systems 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2010-0610 2 Joomla, Webguerilla 2 Joomla\!, Com Photoblog 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.
CVE-2010-0609 1 Novaboard 1 Novaboard 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0608 1 Novaboard 1 Novaboard 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action.
CVE-2010-0605 1 Osticket 1 Osticket 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
CVE-2010-0471 1 Enanocms 1 Enanocms 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
CVE-2010-0469 1 Files2links 1 F2l 3000 Appliance 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and models, allows remote attackers to execute arbitrary SQL commands via unspecified parameters to the login page.
CVE-2010-0461 1 Joomla 2 Com Casino, Joomla 2026-06-16 6.5 MEDIUM N/A
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.
CVE-2010-0459 2 Joomla, Yoflash 2 Joomla\!, Com Mochigames 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-0458 1 Netartmedia 1 Blog System 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.
CVE-2010-0457 1 A3malnet 1 Magic-portal 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in home.php in magic-portal 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0456 2 Indianpulses, Joomla 2 Com Gameserver, Joomla\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php.
CVE-2010-0454 1 Fabricadigital 1 Publique\! 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publique! 2.3 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2010-0438 1 Otrs 1 Otrs 2026-06-16 6.5 MEDIUM N/A
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0404 1 Phpgroupware 1 Phpgroupware 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/.
CVE-2010-0400 1 Mahara 1 Mahara 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.