Export limit exceeded: 19543 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19543 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4763 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files. | ||||
| CVE-2011-4802 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php. | ||||
| CVE-2011-4803 | 2 Bravenewcode, Wordpress | 2 Wptouch, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2011-4808 | 2 Joomla, Joomlaextensions | 2 Joomla\!, Com Hmcommunity | 2025-04-11 | N/A |
| SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. | ||||
| CVE-2011-4816 | 1 Ibm | 6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more | 2025-04-11 | N/A |
| SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-4921 | 1 E107 | 1 E107 | 2025-04-11 | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2013-6172 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code. | ||||
| CVE-2010-1855 | 1 Phpscripte24 | 1 Pay Per Watch \& Bid Auktions System | 2025-04-11 | N/A |
| SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | ||||
| CVE-2010-1859 | 1 Deluxebb | 1 Deluxebb | 2025-04-11 | N/A |
| SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread. | ||||
| CVE-2010-1863 | 1 Clantiger | 1 Clantiger | 2025-04-11 | N/A |
| SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter. | ||||
| CVE-2011-5038 | 1 Hitcode | 1 Hitappoint | 2025-04-11 | N/A |
| SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2011-5039 | 1 Infoproject | 1 Biznis Heroj | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php. | ||||
| CVE-2010-1994 | 1 Tomatocms | 1 Tomatocms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATH_INFO. | ||||
| CVE-2012-4949 | 1 Esri | 1 Arcgis Server | 2025-04-11 | N/A |
| SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenticated users to execute arbitrary SQL commands via the where parameter to a query URI for a REST service. | ||||
| CVE-2012-4951 | 1 Verifone | 1 Vericentre Web Console | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter. | ||||
| CVE-2013-6243 | 1 Landing Pages Project | 1 Landing Pages Plugin | 2025-04-11 | N/A |
| SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php. | ||||
| CVE-2011-5222 | 1 Scripte24shop | 1 Php Flirt-projekt | 2025-04-11 | N/A |
| SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the rub parameter. | ||||
| CVE-2010-2317 | 1 Wmsdesign | 1 Wmscms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp. | ||||
| CVE-2011-5230 | 1 Seotoaster | 1 Seotoaster | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/application/models/LoginModel.php in Seotoaster 1.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to sys/login/index or (2) memberLoginName parameter to sys/login/member. | ||||
| CVE-2010-2319 | 1 Idevspot | 1 Textads | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||