| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action. |
| SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions. |
| SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter. |
| SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action. |
| SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. |
| SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters. |
| SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in CommodityRentals Books/eBooks Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a gamecatalog action. |
| SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action. |
| SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. |
