Export limit exceeded: 19512 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19512 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4925 | 1 Creasito | 1 Creasito E-commerce Content Manager | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) checkuser.php. | ||||
| CVE-2009-4954 | 2 Typo3, Websedit | 2 Typo3, Sk Calendar | 2025-04-11 | N/A |
| SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1904 | 1 Emc | 1 Rsa Key Manager Client | 2025-04-11 | N/A |
| SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. | ||||
| CVE-2010-1857 | 1 Realitymedias | 1 Repairshop2 | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a products.details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1372 | 2 Hdflvplayer, Joomla | 2 Com Hdflvplayer, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2010-1370 | 1 Preprojects | 1 Pre Classified Listings Asp | 2025-04-11 | N/A |
| SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | ||||
| CVE-2013-4619 | 1 Open-emr | 1 Openemr | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_range.php, or the (3) form_newid parameter to custom/chart_tracker.php. | ||||
| CVE-2013-7262 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | N/A |
| SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter. | ||||
| CVE-2012-1072 | 1 Typo3 | 2 Toi Category, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4748 | 2 Andrew Charlton, Wordpress | 2 My Category Order, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php. | ||||
| CVE-2012-1071 | 2 Mathieu Vidal, Typo3 | 2 Mv Cooking, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012. | ||||
| CVE-2012-1116 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-3989 | 1 Hiroyuki Oyama | 1 Dbd\ | 2025-04-11 | N/A |
| SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1294 | 1 Contimex | 1 Impulsio Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2011-3831 | 1 Sitracker | 1 Support Incident Tracker | 2025-04-11 | N/A |
| SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name. | ||||
| CVE-2010-4968 | 2 Joomla, Webmaster-tips | 2 Joomla\!, Com Wmtpic | 2025-04-11 | N/A |
| SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2010-4969 | 1 Brotherscripts | 1 Business Directory | 2025-04-11 | N/A |
| SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4977 | 2 Joomla, Miniwork | 2 Joomla\!, Com Canteen | 2025-04-11 | N/A |
| SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. | ||||
| CVE-2010-4986 | 1 Cafuego | 1 Simple Document Management System | 2025-04-11 | N/A |
| SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter. | ||||
| CVE-2010-4987 | 1 Kmsoft | 1 Guestbook | 2025-04-11 | N/A |
| SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||