Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4940 | 1 Wanewsletter | 1 Wanewsletter | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4942 | 1 E-xoopport | 1 Samsara | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter. | |||||
| CVE-2010-4944 | 2 Joomla, Mambo-foundation | 3 Com Elite Experts, Joomla\!, Mambo | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | |||||
| CVE-2010-4945 | 1 Joomla | 2 Com Camelcitydb2, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2010-4952 | 2 Joachim Ruhs, Typo3 | 2 Festat, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4954 | 1 Gambio | 1 Xt\ | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
| CVE-2010-4955 | 1 Php-programs | 1 Apboard Developers Apboard | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. | |||||
| CVE-2010-4959 | 1 Preproject | 1 Pre Podcast Portal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2010-4961 | 2 Dev-team Typoheads, Typo3 | 2 Webkitpdf, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4967 | 1 Atcom | 1 Netvolution | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter. | |||||
| CVE-2010-4972 | 1 Ypninc | 1 Jokescript | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter. | |||||
| CVE-2010-4974 | 1 Brotherscripts | 1 Auto Dealer | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4975 | 2 Joomla, Techjoomla | 2 Joomla\!, Com Socialads | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. | |||||
| CVE-2010-4979 | 1 Nicholas Berry | 1 Candid | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | |||||
| CVE-2010-4996 | 1 Esoftpro | 1 Online Guestbook Pro | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2010-4981 | 1 Yourfreeworld | 1 Banner Management | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4982 | 1 Mykazaam | 1 Address \& Contact Organizer | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter. | |||||
| CVE-2010-4984 | 1 Mykazaam | 1 Notes Management System | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box. | |||||
| CVE-2010-4987 | 1 Kmsoft | 1 Guestbook | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2010-4989 | 1 Farsi-cms | 1 Ziggurat Farsi Cms | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter. | |||||
| CVE-2010-4990 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | |||||
| CVE-2010-4991 | 2 Joomla, Ninjaforge | 2 Joomla\!, Ninjamonials | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | |||||
| CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | |||||
| CVE-2010-4993 | 2 Joomla, Kay Messerschmidt | 2 Joomla\!, Com Eventcal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2010-4994 | 2 Instantphp, Joomla | 2 Jobs Pro, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | |||||
| CVE-2010-4995 | 2 Joomla, Neojoomla | 2 Joomla\!, Com Neorecruit | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | |||||
| CVE-2010-5044 | 2 Joomla, Kanich | 2 Joomla\!, Com Searchlog | 2017-08-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4999 | 1 Esoftpro | 1 Online Photo Pro | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2010-5001 | 1 Esoftpro | 1 Online Contact Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5003 | 2 Autartica, Joomla | 2 Com Autartimonial, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | |||||
| CVE-2010-5009 | 1 Ut-files | 1 Utstats | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | |||||
| CVE-2010-5011 | 1 Schoolmation | 1 Schoolmation | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | |||||
| CVE-2010-5012 | 1 David Noguera Gutierrez | 1 Dalogin | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5013 | 1 Mckenziecreations | 1 Virtual Real Estate Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | |||||
| CVE-2010-5014 | 1 Eliteladders | 1 Elite Gaming Ladders | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | |||||
| CVE-2010-5015 | 1 2daybiz | 1 Network Community Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | |||||
| CVE-2010-5016 | 1 Eliteladders | 1 Elite Gaming Ladders | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter. | |||||
| CVE-2010-5017 | 1 Eliteladders | 1 Elite Gaming Ladders | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | |||||
| CVE-2010-5021 | 1 Cramerdev | 1 Document Library | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | |||||
| CVE-2010-5023 | 1 Cramerdev | 1 Digital Interchange Calendar | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | |||||
| CVE-2010-5026 | 1 Sfiab | 1 Science Fair In A Box | 2017-08-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5028 | 2 Harmistechnology, Joomla | 2 Com Jejob, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | |||||
| CVE-2010-5032 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfquiztrial | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | |||||
| CVE-2010-5033 | 1 Fusebox | 1 Fusebox | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter. | |||||
| CVE-2010-5034 | 1 Iscripts | 1 Easybiller | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter. | |||||
| CVE-2010-5036 | 1 Iscripts | 1 Eswap | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2010-5039 | 1 Scriptsfeed | 1 Recipes Listing Portal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5041 | 2 John Bradshaw, Nucleuscms | 2 Np Gallery Plugin, Nucleus | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action. | |||||
| CVE-2010-5043 | 2 Blueconstantmedia, Joomla | 2 Com Djartgallery, Joomla\! | 2017-08-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | |||||