Export limit exceeded: 19506 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19506 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1364 | 1 Uiga | 1 Personal Portal | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1365 | 1 Uiga | 1 Fan Club | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. | ||||
| CVE-2013-5917 | 2 Rodrigo Coimbra, Wordpress | 2 Nospam Pti, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter. | ||||
| CVE-2010-1366 | 1 Uiga | 1 Fan Club | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters. | ||||
| CVE-2013-5931 | 1 Real-estate-php-script | 1 Real Estate Php Script | 2025-04-11 | N/A |
| SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | ||||
| CVE-2012-4601 | 1 Tecnick | 1 Tcexam | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php. | ||||
| CVE-2011-4542 | 1 Hastymail | 1 Hastymail2 | 2025-04-11 | N/A |
| Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI. | ||||
| CVE-2010-1493 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | ||||
| CVE-2010-1496 | 2 Jolt, Joomla | 2 Com Joltcard, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. | ||||
| CVE-2010-1498 | 1 Clausvb | 1 Dl Stats | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. | ||||
| CVE-2010-1499 | 1 Musicboxv2 | 1 Musicbox | 2025-04-11 | N/A |
| SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2011-4559 | 1 Vtiger | 1 Vtiger Crm | 2025-04-11 | N/A |
| SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. | ||||
| CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2025-04-11 | N/A |
| SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | ||||
| CVE-2012-4673 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | N/A |
| SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list_items function, a different vulnerability than CVE-2012-3477. | ||||
| CVE-2010-3479 | 1 Boutikone | 1 Boutikone | 2025-04-11 | N/A |
| SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2010-3481 | 1 Apphp | 1 Php Microcms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable. | ||||
| CVE-2010-1595 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter. | ||||
| CVE-2010-3482 | 1 Bouzouste | 1 Primitive Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication. | ||||
| CVE-2010-3484 | 1 Lightneasy | 1 Lightneasy | 2025-04-11 | N/A |
| SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593. | ||||
| CVE-2010-3485 | 1 Lightneasy | 1 Lightneasy | 2025-04-11 | N/A |
| SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||