| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field). |
| SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to execute arbitrary SQL commands via the c parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter. |
| SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action. |
| Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit_link action to manager/tools.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information. |
| SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. |
| Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php. |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote attackers to execute arbitrary SQL commands via the itemnr parameter. |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. |
| SQL injection vulnerability in index.php in Content Injector 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter in an expand action. |
| SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php. |
| SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "incorrect regexp." NOTE: some of these details are obtained from third party information. |
| Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) keywords and (2) cat parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
