Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3601 | 1 Invisionpower | 1 Ibphotohost | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arbitrary SQL commands via the img parameter. | ||||
| CVE-2010-1865 | 1 Csphere | 1 Clansphere | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php). | ||||
| CVE-2011-5262 | 1 Sonicwall | 4 Aventail Sra Ex6000, Aventail Sra Ex7000, Aventail Sra Ex9000 and 1 more | 2025-04-11 | N/A |
| SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2010-1863 | 1 Clantiger | 1 Clantiger | 2025-04-11 | N/A |
| SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter. | ||||
| CVE-2010-1859 | 1 Deluxebb | 1 Deluxebb | 2025-04-11 | N/A |
| SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread. | ||||
| CVE-2010-1855 | 1 Phpscripte24 | 1 Pay Per Watch \& Bid Auktions System | 2025-04-11 | N/A |
| SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | ||||
| CVE-2013-3527 | 1 Vanillaforums | 1 Vanilla | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest. | ||||
| CVE-2013-6172 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code. | ||||
| CVE-2011-4833 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_full_list action to index.php. | ||||
| CVE-2012-4178 | 1 Symantec | 1 Web Gateway | 2025-04-11 | N/A |
| SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. | ||||
| CVE-2012-4868 | 2 Joomla, Kunena | 2 Joomla\!, Kunena | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2011-4829 | 2 Barter-sites, Joomla | 2 Com Listing, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. | ||||
| CVE-2013-6058 | 1 Apprain | 1 Apprain | 2025-04-11 | N/A |
| SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/. | ||||
| CVE-2011-4826 | 1 Autosectools | 1 V-cms | 2025-04-11 | N/A |
| SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-4824 | 1 Cacti | 1 Cacti | 2025-04-11 | N/A |
| SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter. | ||||
| CVE-2010-2016 | 1 Imagetraders | 1 Iceberg Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter. | ||||
| CVE-2011-5203 | 1 Akiva | 1 Webboard | 2025-04-11 | N/A |
| SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-5213 | 1 Browsercrm | 1 Browsercrm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php. | ||||
| CVE-2010-5053 | 2 Joomla, Php-shop-system | 2 Joomla\!, Com Xobbix | 2025-04-11 | N/A |
| SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | ||||
| CVE-2012-1026 | 1 Johannes Ekberg | 1 Xray Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | ||||