Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-5047 | 1 V-eva | 1 Press Release Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5055 | 1 Almnzm | 1 Almnzm | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5057 | 1 Alephsystem | 1 Cms Ariadna | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the tipodoc_id parameter. | |||||
| CVE-2010-5058 | 1 Alephsystem | 1 Cms Ariadna | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the res_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5060 | 1 Internet-works | 1 Nus Newssystem | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-5061 | 1 Rsstatic | 1 Rsstatic | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RSStatic allows remote attackers to execute arbitrary SQL commands via the maxarticles parameter. | |||||
| CVE-2010-5062 | 1 Mh Products | 1 Kleinanzeigenmarkt | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-5287 | 1 Cstech | 1 Webconductor | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-2080 | 1 Inventivetec | 1 Mediacast | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) a CP_ENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or (2) unspecified input to authenticate_ad_setup_finished.cfm. | |||||
| CVE-2011-2141 | 1 Ibm | 1 Datacap Taskmaster Capture | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-2149 | 1 Smartertools | 1 Smarterstats | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the SmarterTools SmarterStats 6.0 web server allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) Admin/frmSite.aspx, (2) Default.aspx, (3) Services/SiteAdmin.asmx, or (4) Client/frmViewReports.aspx; certain cookies to (5) Services/SiteAdmin.asmx or (6) login.aspx; the Referer HTTP header to (7) Services/SiteAdmin.asmx or (8) login.aspx; or (9) the User-Agent HTTP header to Services/SiteAdmin.asmx. | |||||
| CVE-2011-2403 | 1 Hp | 1 Network Automation | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-2467 | 1 Likewise | 1 Likewise Open | 2017-08-29 | 5.8 MEDIUM | N/A |
| SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-2546 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2017-08-29 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669. | |||||
| CVE-2011-2944 | 1 Megalab | 1 The Uploader | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in MegaLab The Uploader before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-7301 | 1 Sclek | 1 Jsite | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2003-1598 | 1 Wordpress | 1 Wordpress | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable. | |||||
| CVE-2011-1609 | 1 Cisco | 1 Unified Communications Manager | 2017-08-17 | 8.5 HIGH | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. | |||||
| CVE-2011-1556 | 1 Aphpkb | 1 Aphpkb | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote attackers to execute arbitrary SQL commands via the pdfa parameter. | |||||
| CVE-2011-1328 | 1 Radvision | 1 Iview Suite | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1343 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters." | |||||
| CVE-2011-1686 | 1 Bestpractical | 1 Rt | 2017-08-17 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data. | |||||
| CVE-2011-1667 | 1 Xmedien | 1 Anzeigenmarkt | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action. | |||||
| CVE-2011-1390 | 1 Ibm | 1 Rational Clearquest | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9, 7.1.2.x before 7.1.2.6, and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature. | |||||
| CVE-2011-1913 | 1 Mercator | 1 Sentinel | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1663 | 2 Drupal, Icanlocalize | 2 Drupal, Translation Management | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1722 | 2 Typo3, Webempoweredchurch | 2 Typo3, Wec Discussion | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011. | |||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | |||||
| CVE-2011-0960 | 1 Cisco | 1 Unified Operations Manager | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716. | |||||
| CVE-2010-4635 | 1 Site2nite | 1 Vacation Rental Listings | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2011-0646 | 1 Anserv | 1 Php Low Bids | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2011-0645 | 1 Phpcms | 1 Phpcms 2008 | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action. | |||||
| CVE-2011-0644 | 1 Phpcms | 1 Phpcms 2008 | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. | |||||
| CVE-2010-4636 | 1 Site2nite | 1 Business E-listings | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2010-4639 | 1 Intendance | 1 Mysource Matrix | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4641 | 1 Xwiki | 1 Xwiki | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4702 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4269 | 1 O-dyn | 1 Collabtive | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action. | |||||
| CVE-2010-4751 | 1 Lightneasy | 1 Lightneasy | 2017-08-17 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the id parameter in an edituser action, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. | |||||
| CVE-2010-4147 | 1 Avactis | 1 Avactis Shopping Cart | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php. | |||||
| CVE-2010-4752 | 1 Lightneasy | 1 Lightneasy | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-4776 | 1 Preprojects | 1 Pre Online Tests Generator | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter. | |||||
| CVE-2010-4791 | 2 Marcusg, Php-fusion | 2 Mg User Fotoalbum Panel, Php-fusion | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter. | |||||
| CVE-2011-0549 | 1 Symantec | 1 Web Gateway | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2010-4793 | 1 Site2nite | 1 Auto E-manager | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2011-0516 | 1 Epromptc | 1 Betmore Site Suite | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows remote attackers to execute arbitrary SQL commands via the bid parameter. | |||||
| CVE-2010-4795 | 2 Joomla, Joomlaseller | 2 Joomla\!, Com Jscalendar | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4272 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Sponsorwall | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2010-4796 | 1 Phpyun | 1 Phpyun | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) provinceid parameter to search.php and the (2) e parameter to resumeview.php. | |||||
| CVE-2010-4797 | 1 Truworthit | 1 Flex Timesheet | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | |||||