Search Results (37540 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-6873 1 Testa 1 Online Test Management System 2025-04-11 N/A
SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the test_id parameter.
CVE-2013-0684 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1477 2 Joomla, Martin Hess 2 Joomla\!, Com Sermonspeaker 2025-04-11 N/A
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php.
CVE-2010-1350 2 Joomla, Joomlaprojects 2 Joomla\!, Com Jp Jobs 2025-04-11 N/A
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-2670 1 Brotherscripts 1 Recipe Website 2025-04-11 N/A
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-7262 2 Osgeo, Umn 2 Mapserver, Mapserver 2025-04-11 N/A
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter.
CVE-2009-4733 1 Supercrackmunkey 1 Simpleloginsys 2025-04-11 N/A
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-4734 1 Allomani 1 Movies Library 2025-04-11 N/A
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
CVE-2011-1667 1 Xmedien 1 Anzeigenmarkt 2025-04-11 N/A
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
CVE-2012-3881 1 Adrian Chadd 2 Rtg, Rtg2 2025-04-11 N/A
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
CVE-2011-3340 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
CVE-2010-5037 1 Michau Enterprises 1 Sensesites Commonsense Cms 2025-04-11 N/A
SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
CVE-2012-4070 1 Dir2web 1 Dir2web 2025-04-11 N/A
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php.
CVE-2011-4823 2 Extensionsforjoomla, Joomla 2 Com Vikrealestate, Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
CVE-2010-1054 1 Parscms 1 Parscms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ParsCMS allow remote attackers to execute arbitrary SQL commands via the RP parameter to (1) fa_default.asp and (2) en_default.asp.
CVE-2012-1934 1 Sourcefabric 1 Newscoop 2025-04-11 N/A
SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.
CVE-2010-1009 2 Joachim-ruhs, Typo3 2 Educator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4947 1 Q2solutions 1 Connx 2025-04-11 N/A
SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Solutions ConnX 4.0.20080606 allows remote attackers to execute arbitrary SQL commands via the txtEmail parameter.
CVE-2013-3294 1 Exponentcms 1 Exponent Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.
CVE-2011-1390 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9, 7.1.2.x before 7.1.2.6, and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature.