| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905. |
| SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. |
| SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. |
| SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. |
| SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. |
| SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter. |
| SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task. |
| Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx. |
| SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch. |
| SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php. |
