Export limit exceeded: 19503 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19503 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4891 | 2 Andreas Kiefer, Typo3 | 2 Ke Yac, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4894 | 1 Chillycms | 1 Chillycms | 2025-04-11 | N/A |
| SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4897 | 1 Bluecms Project | 1 Bluecms | 2025-04-11 | N/A |
| SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | ||||
| CVE-2010-4905 | 1 Softbizscripts | 1 Article Directory Script | 2025-04-11 | N/A |
| SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter. | ||||
| CVE-2010-4923 | 1 Virtuenetz | 1 Virtue Book Store | 2025-04-11 | N/A |
| SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter. | ||||
| CVE-2010-4926 | 2 Joomla, Timetrack | 2 Joomla\!, Com Timetrack | 2025-04-11 | N/A |
| SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | ||||
| CVE-2010-4937 | 2 Joomla, Robitbt | 2 Joomla\!, Com Amblog | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. | ||||
| CVE-2010-4941 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Teams | 2025-04-11 | N/A |
| SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php. | ||||
| CVE-2010-4942 | 1 E-xoopport | 1 Samsara | 2025-04-11 | N/A |
| SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter. | ||||
| CVE-2012-0973 | 1 Osclass | 1 Osclass | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearch.php and (2) findBySlug function oc-includes/osclass/model/Category.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4944 | 2 Joomla, Mambo-foundation | 3 Com Elite Experts, Joomla\!, Mambo | 2025-04-11 | N/A |
| SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | ||||
| CVE-2012-0980 | 1 Phux | 1 Download Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter. | ||||
| CVE-2010-4945 | 1 Joomla | 2 Com Camelcitydb2, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2013-7225 | 1 Fatfreecrm | 1 Fat Free Crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in app/controllers/home_controller.rb in Fat Free CRM before 0.12.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the homepage timeline feature or (2) the activity feature. | ||||
| CVE-2011-1060 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | N/A |
| SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | ||||
| CVE-2011-1048 | 1 Mihantools | 1 Mihantools | 2025-04-11 | N/A |
| SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-7219 | 1 2glux | 1 Com Sexypolling | 2025-04-11 | N/A |
| SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter. | ||||
| CVE-2013-7216 | 1 Etoshop | 1 Classifieds Creator | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to demo/classifieds/product.asp, or (2) UserID or (3) Password field to demo/classifieds/admin.asp. | ||||
| CVE-2014-1671 | 1 Dell | 5 Kace K1000 Systems Management Appliance, Kace K1000 Systems Management Appliance Software, Kace K1000 Systems Management Virtual Appliance and 2 more | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress element in a (1) getUploadPath or (2) getKBot SOAP request to service/kbot_service.php; the ID parameter to (3) userui/advisory_detail.php or (4) userui/ticket.php; and the (5) ORDER[] parameter to userui/ticket_list.php. | ||||
| CVE-2012-2338 | 1 Johan Cwiklinski | 1 Galette | 2025-04-11 | N/A |
| SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php. | ||||