| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. |
| Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php. |
| SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. |
| SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). |
| SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter. |
| SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter. |
| SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. |
| Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889. |
| SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767. |
| SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in viewprofile.php in Availscript Classmate Script allows remote attackers to execute arbitrary SQL commands via the p parameter. |
| SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter. |
| SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
