Search Results (37497 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-5091 1 Vlinks 1 Vlinks 2025-04-11 N/A
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4792 1 Karl Core 1 Bandsite Cms 2025-04-11 N/A
SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php.
CVE-2009-4805 1 Will Kraft 1 Ez-blog 2025-04-11 N/A
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
CVE-2009-4791 1 Ryan Haudenschilt 1 Family Connections 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id parameter to home.php, and (5) email parameter to lostpw.php.
CVE-2011-4826 1 Autosectools 1 V-cms 2025-04-11 N/A
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5059 1 Cmscout 1 Cmscout 2025-04-11 N/A
SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action.
CVE-2010-4838 2 Extensiondepot, Joomla 2 Com Jsupport, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.
CVE-2009-4784 2 Joaktree, Joomla 2 Com Joaktree, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php.
CVE-2011-4570 2 Joomla, Takeaweb 2 Joomla\!, Com Timereturns 2025-04-11 N/A
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php.
CVE-2012-3000 1 F5 10 Big-ip Access Policy Manager, Big-ip Analytics, Big-ip Application Security Manager and 7 more 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.
CVE-2012-0994 1 Zenphoto 1 Zenphoto 2025-04-11 N/A
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList parameter.
CVE-2012-5317 1 Bigware 1 Bigware Shop 2025-04-11 N/A
SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.
CVE-2012-0752 7 Adobe, Apple, Google and 4 more 7 Flash Player, Mac Os X, Android and 4 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
CVE-2012-5312 1 Tribiq 1 Tribiq Cms 2025-04-11 N/A
SQL injection vulnerability in Tribiq CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2013-6243 1 Landing Pages Project 1 Landing Pages Plugin 2025-04-11 N/A
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php.
CVE-2010-0677 1 Katalog.hurricane 1 Katalog Stron Hurricane 2025-04-11 N/A
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter.
CVE-2010-4944 2 Joomla, Mambo-foundation 3 Com Elite Experts, Joomla\!, Mambo 2025-04-11 N/A
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.
CVE-2010-5003 2 Autartica, Joomla 2 Com Autartimonial, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5001 1 Esoftpro 1 Online Contact Manager 2025-04-11 N/A
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4946 1 Allpcscript 1 Allpc 2025-04-11 N/A
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.