| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. |
| SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action. |
| SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter. |
| SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter. |
| SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter. |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. |
| SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter. |
| SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page. |
| SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. |
| SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter. |
| Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php. |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. |
| SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter. |
| SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter. |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action. |
| SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter. |
| SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in comments.php in Piwigo before 2.0.3 allows remote attackers to execute arbitrary SQL commands via the items_number parameter. |
| SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. |
