| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action. |
| SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. |
| Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby parameter to admin/cms/images.php and the (2) nav_id parameter in an editrecord action to admin/cms/nav.php. |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. |
| Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. |
| SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action. |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. |
| SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php. |
| SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter. |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. |
| SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. |
| SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. |
| SQL injection vulnerability in index.php in Spice Classifieds allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. |
| SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter. |
| SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php. |
| Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. |
| SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. |
