Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1726 | 1 Alibabaclone | 1 Ec21 Clone | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1725 | 1 Alibabaclone | 1 Alibaba Clone Platinum | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1721 | 2 Joomla, Thethinkery | 2 Joomla\!, Com Iproperty | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php. | |||||
| CVE-2010-1720 | 2 Joomla, Qproje | 2 Joomla\!, Com Qpersonel | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php. | |||||
| CVE-2010-1716 | 2 Joomla, Joomlanetprojects | 2 Joomla\!, Com Agenda | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2010-1713 | 1 Postnuke | 1 Postnuke | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action. | |||||
| CVE-2010-1708 | 1 Freerealty.rwcinc | 1 Free Realty | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter). | |||||
| CVE-2010-1706 | 1 2daybiz | 1 Auction Script | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1702 | 1 Whmcs | 1 Whmcs | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | |||||
| CVE-2010-1704 | 1 2daybiz | 1 Polls Script | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1669 | 1 Mahara | 1 Mahara | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1661 | 1 Jcink | 1 Php-quick-arcade | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php. | |||||
| CVE-2010-1660 | 1 Clscript | 1 Clscript Classifieds Script | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter. | |||||
| CVE-2010-1656 | 1 Airiny | 1 Com Abc | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sectionid parameter in an abc action to index.php. | |||||
| CVE-2010-1605 | 1 Ncrypted | 1 Nct Jobs Portal Script | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) anyword and (2) cityname parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1604 | 1 Ncrypted | 1 Nct Jobs Portal Script | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) user parameter (aka login field) and (2) passwd parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1600 | 2 Joomla, Thefactory | 2 Joomla\!, Com Mediamall | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | |||||
| CVE-2010-1599 | 1 Nkinfoweb | 1 Nkinfoweb | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter. | |||||
| CVE-2010-1595 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter. | |||||
| CVE-2010-1588 | 1 Vpasp | 1 Vp-asp Shopping Cart | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter. | |||||
| CVE-2010-1583 | 2 Taskfreak, Tirzen | 2 Taskfreak\!, Tirzen Framework | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action. | |||||
| CVE-2010-1538 | 1 Bluestrikeweb | 1 Phpraincheck | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1529 | 2 Freestyle, Joomla | 2 Faqs Lite, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php. | |||||
| CVE-2010-1499 | 1 Musicboxv2 | 1 Musicbox | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1496 | 2 Jolt, Joomla | 2 Com Joltcard, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. | |||||
| CVE-2010-1493 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. | |||||
| CVE-2010-1426 | 1 Modxcms | 1 Modxcms | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors related to WebLogin. | |||||
| CVE-2010-1372 | 2 Hdflvplayer, Joomla | 2 Com Hdflvplayer, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2010-1368 | 1 Gamescript | 1 Gamescript | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action. | |||||
| CVE-2010-1363 | 2 Extremejoomla, Joomla | 2 Com J-projects, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. | |||||
| CVE-2010-1498 | 1 Clausvb | 1 Dl Stats | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. | |||||
| CVE-2010-1350 | 2 Joomla, Joomlaprojects | 2 Joomla\!, Com Jp Jobs | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2010-1346 | 1 Ribafs | 1 Mini Cms Ribafs | 2017-08-17 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1344 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | |||||
| CVE-2010-1343 | 1 Bjsintay | 1 Sitex | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2010-1341 | 1 Systemsoftware | 1 Community Black Forum | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. | |||||
| CVE-2010-1338 | 2 Robertotto, Woltlab | 2 Teamsite Hack Plugin, Burning Board | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action. | |||||
| CVE-2010-1336 | 1 Invohost | 1 Invohost | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1331 | 1 Heartlogic | 1 Hl-sitemanager | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2010-1327 | 1 Tornadostore | 1 Tornadostore | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3. | |||||
| CVE-2010-1301 | 1 Merethis | 1 Centreon | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter. | |||||
| CVE-2010-1300 | 1 Yamamah | 1 Yamamah | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter. | |||||
| CVE-2010-1271 | 1 Smart-plugs | 1 Smartplugs | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | |||||
| CVE-2010-1270 | 1 Phpscripte24 | 1 Multi Suktions Komplett System | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||
| CVE-2010-1269 | 1 Phpscripte24 | 1 Niedrig Gebote Pro Auktions System Ii | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||
| CVE-2010-1134 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable. | |||||
| CVE-2010-1133 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php. | |||||
| CVE-2010-1109 | 1 Djayp | 1 Phpmysport | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) v2 parameter in a member view action, (2) v1 parameter in a news action, (3) v1 parameter in an information action, (4) v2 parameter in a team view action, (5) v2 parameter in a club view action, or (6) v2 parameter in a matches view action. | |||||
| CVE-2010-1094 | 1 Miethner-scripting | 1 Dz Erotik Auktionshaus V4rgo | 2017-08-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1092 | 1 Scriptsfeed | 1 Business Directory Software | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters. | |||||