Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4636 | 1 Site2nite | 1 Business E-listings | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2010-4635 | 1 Site2nite | 1 Vacation Rental Listings | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2010-4633 | 1 Sumeffect | 1 Digishop | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1. | |||||
| CVE-2010-4619 | 1 Webscripti | 1 Mafya Oyun Scrpti | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4615 | 1 Iskenderaltuntas | 1 Oto Galeri Sistemi | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp. | |||||
| CVE-2010-4496 | 1 Tibco | 2 Activecatalog, Collaborative Information Manager | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1064 | 1 Qibosoft | 1 Qi Bo Cms | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter. | |||||
| CVE-2011-1100 | 1 Pixelpost | 1 Pixelpost | 2017-08-17 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. | |||||
| CVE-2010-4273 | 1 Accimoveis | 1 Descargarvista Acc Imoveis | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4272 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Sponsorwall | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2010-4269 | 1 O-dyn | 1 Collabtive | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action. | |||||
| CVE-2010-4268 | 2 Joomla, Pulseinfotech | 2 Joomla\!, Com Flipwall | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2010-4186 | 1 Onlinetechtools.com | 1 Oasys Professional | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4147 | 1 Avactis | 1 Avactis Shopping Cart | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php. | |||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | |||||
| CVE-2010-3929 | 1 Modxcms | 1 Evolution | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch. | |||||
| CVE-2010-3924 | 1 Aimluck | 1 Aipo | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-2611 | 1 I-netsolution | 1 Job Search Engine Script | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2010-3481 | 1 Apphp | 1 Php Microcms | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable. | |||||
| CVE-2010-3479 | 1 Boutikone | 1 Boutikone | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2010-3467 | 1 E-xoopport | 1 Samsara | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action. | |||||
| CVE-2010-3461 | 1 Endonesia | 1 Endonesia | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394. | |||||
| CVE-2010-3423 | 2 Drupal, Freka | 2 Drupal, Yr Verdata | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method. | |||||
| CVE-2010-3404 | 1 Eshtery.she7ata | 1 Eshtery Cms | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx. | |||||
| CVE-2010-3212 | 1 Seagullproject.org | 1 Seagull | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO. | |||||
| CVE-2010-3211 | 2 Jextn, Joomla | 2 Com Jefaqpro, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action. | |||||
| CVE-2010-3207 | 1 Galeriashqip | 1 Galeriashqip | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2933 | 1 Avscripts | 1 Av Arcade | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task. | |||||
| CVE-2010-2926 | 1 Solucija | 1 Snews | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2010-2925 | 1 Openfreeway | 1 Freeway | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute arbitrary SQL commands via the ecPath parameter. | |||||
| CVE-2010-2923 | 2 Joomla, Prasanna | 2 Joomla\!, Com Youtube | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_cate parameter to index.php. | |||||
| CVE-2010-2922 | 1 Ali Kenan | 1 Aky Blog | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2921 | 2 Joomla, Photoindochina | 2 Joomla\!, Com Golfcourseguide | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. | |||||
| CVE-2010-2919 | 2 Joomla, Joomlaxt | 2 Joomla\!, Com Staticxt | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2010-2916 | 1 Ajsquare | 1 Aj Hyip | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2915 | 1 Ajsquare | 1 Aj Hyip | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2924 | 2 Silvercover, Wordpress | 2 Mylinksdump Plugin, Wordpress | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2911 | 1 Kayako | 1 Esupport | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. | |||||
| CVE-2010-2910 | 2 Alexred, Joomla | 2 Com Oziogallery, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2010-2908 | 2 Joomdle, Joomla | 2 Com Joomdle, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | |||||
| CVE-2010-2907 | 2 Huruhelpdesk, Joomla | 2 Com Huruhelpdesk, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php. | |||||
| CVE-2010-2906 | 2 Brotherscripts, Scriptsfeed | 2 Scripts Directory, Scripts Directory | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905. | |||||
| CVE-2010-2905 | 2 Brotherscripts, Scriptsfeed | 2 Scripts Directory, Scripts Directory | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2912 | 1 Kayako | 1 Esupport | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. | |||||
| CVE-2010-2853 | 1 Iscripts | 1 Visualcaster | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | |||||
| CVE-2010-2845 | 2 Joomla, Schlu.net | 2 Joomla\!, Com Quickfaq | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. | |||||
| CVE-2010-2721 | 1 Rightinpoint | 1 Lyrics Engine | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action. | |||||
| CVE-2010-2719 | 1 Phpaa | 1 Phpaacms | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2716 | 1 Rich Kavanagh | 1 Psnews | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php. | |||||
| CVE-2010-2720 | 1 Phpaa | 1 Phpaacms | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||