Search Results (37416 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2124 1 Bartels-schoene 1 Conpresso 2025-04-11 N/A
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-4348 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Mrg 2025-04-11 N/A
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
CVE-2010-2335 1 Yamamah 1 Yamamah 2025-04-11 N/A
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
CVE-2010-1369 1 Preprojects 1 Pre Classified Listings Asp 2025-04-11 N/A
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2011-3340 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
CVE-2011-4823 2 Extensionsforjoomla, Joomla 2 Com Vikrealestate, Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.
CVE-2011-4811 1 Bst 1 Bestshoppro 2025-04-11 N/A
SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter.
CVE-2009-4797 1 Jobhut.spranger 1 Jobhut 2025-04-11 N/A
SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter.
CVE-2010-4720 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
CVE-2013-2956 1 Ibm 1 Infosphere Optim Data Growth For Oracle E-business Suite 2025-04-11 N/A
SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4934 1 Svcreation 1 Get Tube 2025-04-11 N/A
SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-4448 1 Wikkawiki 1 Wikkawiki 2025-04-11 N/A
SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter in an update action.
CVE-2012-6144 1 Typo3 1 Typo3 2025-04-11 N/A
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4260 1 Hccgmbh 1 Mycare2x 2025-04-11 N/A
Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/mycare2x_importer.php; (5) myOpsEintrag or (6) keyword parameter in a Suchen action to modules/drg/mycare2x_proc_search.php; or (7) name_last or (8) pid parameter to modules/patient/mycare_pid.php.
CVE-2011-2213 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 5 more 2025-04-11 N/A
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.
CVE-2012-3881 1 Adrian Chadd 2 Rtg, Rtg2 2025-04-11 N/A
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
CVE-2009-4734 1 Allomani 1 Movies Library 2025-04-11 N/A
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
CVE-2009-4733 1 Supercrackmunkey 1 Simpleloginsys 2025-04-11 N/A
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2012-2923 1 Hypermethod 1 Elearning Server 2025-04-11 N/A
SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter.
CVE-2013-0684 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.