Search Results (37456 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4981 1 Yourfreeworld 1 Banner Management 2025-04-11 N/A
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2013-2594 1 Hornbill 1 Supportworks Itsm 2025-04-11 N/A
SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter.
CVE-2010-4975 2 Joomla, Techjoomla 2 Joomla\!, Com Socialads 2025-04-11 N/A
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
CVE-2010-4974 1 Brotherscripts 1 Auto Dealer 2025-04-11 N/A
SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-1077 2 Manfred Egger, Typo3 2 Bc Post2facebook, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4972 1 Ypninc 1 Jokescript 2025-04-11 N/A
SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter.
CVE-2010-4970 1 Wikiwebhelp 1 Wiki Web Help 2025-04-11 N/A
SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4969 1 Brotherscripts 1 Business Directory 2025-04-11 N/A
SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4968 2 Joomla, Webmaster-tips 2 Joomla\!, Com Wmtpic 2025-04-11 N/A
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-4721 1 Mhproducts 1 Immo Makler 2025-04-11 N/A
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5167 1 Atutor 1 Acontent 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to user/user_password.php.
CVE-2010-4635 1 Site2nite 1 Vacation Rental Listings 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-4632 1 Pilotcart 1 Pilot Cart 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
CVE-2012-4951 1 Verifone 1 Vericentre Web Console 2025-04-11 N/A
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
CVE-2012-1061 1 Gforgegroup 1 Gforge 2025-04-11 N/A
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-6577 2 Typo3, Typoheads 2 Typo3, Formhandler 2025-04-11 N/A
SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-4292 1 Moodle 1 Moodle 2025-04-11 N/A
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
CVE-2012-6516 1 Shawn Bradley 1 Php Ticket System 2025-04-11 N/A
SQL injection vulnerability in PHP Ticket System Beta 1 allows remote attackers to execute arbitrary SQL commands via the q parameter to index.php.
CVE-2012-6507 1 Jason Sexauer 1 Churchcms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action.
CVE-2012-2105 1 Peter Kovacs 1 Timesheet Next Gen 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.