Export limit exceeded: 360138 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19523 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19523 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4615 | 1 Iskenderaltuntas | 1 Oto Galeri Sistemi | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp. | ||||
| CVE-2012-5367 | 1 Orangehrm | 1 Orangehrm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow remote authenticated administrators to execute arbitrary SQL commands via the sortField parameter to (1) viewCustomers, (2) viewPayGrades, or (3) viewSystemUsers in symfony/web/index.php/admin/, as demonstrated using cross-site request forgery (CSRF) attacks. | ||||
| CVE-2010-4776 | 1 Preprojects | 1 Pre Online Tests Generator | 2025-04-11 | N/A |
| SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter. | ||||
| CVE-2010-4780 | 1 Enanocms | 1 Enano Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4782 | 1 Softwebsnepal | 1 Ananda Real Estate | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) city, (2) state, (3) country, (4) minprice, (5) maxprice, (6) bed, and (7) bath parameters, different vectors than CVE-2006-6807. | ||||
| CVE-2010-4784 | 1 Phpwebscripts | 1 Easy Banner Free | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2012-0805 | 2 Redhat, Sqlalchemy | 2 Enterprise Linux, Sqlalchemy | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. | ||||
| CVE-2010-4791 | 2 Marcusg, Php-fusion | 2 Mg User Fotoalbum Panel, Php-fusion | 2025-04-11 | N/A |
| SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter. | ||||
| CVE-2010-4799 | 1 Chipmunk-scripts | 1 Pwngame | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to authenticate.php and the (3) ID parameter to pwn.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4824 | 1 Silverstripe | 1 Silverstripe | 2025-04-11 | N/A |
| SQL injection vulnerability in the augmentSQL method in core/model/Translatable.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when the Translatable extension is enabled, allows remote attackers to execute arbitrary SQL commands via the locale parameter. | ||||
| CVE-2010-4829 | 1 T-dreams | 1 Cars Ads Package | 2025-04-11 | N/A |
| SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2010-4830 | 1 T-dreams | 1 Job Career Package | 2025-04-11 | N/A |
| SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter. | ||||
| CVE-2010-4834 | 1 Oneorzero | 1 Aims | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4897 | 1 Bluecms Project | 1 Bluecms | 2025-04-11 | N/A |
| SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | ||||
| CVE-2010-4905 | 1 Softbizscripts | 1 Article Directory Script | 2025-04-11 | N/A |
| SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter. | ||||
| CVE-2010-4923 | 1 Virtuenetz | 1 Virtue Book Store | 2025-04-11 | N/A |
| SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter. | ||||
| CVE-2010-4926 | 2 Joomla, Timetrack | 2 Joomla\!, Com Timetrack | 2025-04-11 | N/A |
| SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | ||||
| CVE-2010-4937 | 2 Joomla, Robitbt | 2 Joomla\!, Com Amblog | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. | ||||
| CVE-2010-4941 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Teams | 2025-04-11 | N/A |
| SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php. | ||||
| CVE-2010-4942 | 1 E-xoopport | 1 Samsara | 2025-04-11 | N/A |
| SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter. | ||||