| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter. |
| Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string. |
| Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field). |
| SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter. |
| SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. |
| Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp. |
| SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action. |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter. |
| SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php. |
| SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields." |
| SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information. |
