Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4966 | 2 Elemente, Typo3 | 2 Ast Addresszipsearch, Typo3 | 2010-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4959 | 2 Stefan Koch, Typo3 | 2 T3m, Typo3 | 2010-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4969 | 1 Typo3 | 2 Sbanner, Typo3 | 2010-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4971 | 2 Typo3, Vincent Tietz | 2 Typo3, Vjchat | 2010-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4967 | 2 Jochen Rieger, Typo3 | 2 Car, Typo3 | 2010-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4955 | 2 Thomas Hempel, Typo3 | 2 Th Ultracards, Typo3 | 2010-07-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ultraCards (th_ultracards) extension before 0.5.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4950 | 2 Tim Lochmueller \& Thomas Buss, Typo3 | 2 A21glossary Advanced Output, Typo3 | 2010-07-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the A21glossary Advanced Output (a21glossary_advanced_output) extension before 0.1.12 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4954 | 2 Typo3, Websedit | 2 Typo3, Sk Calendar | 2010-07-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4949 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2010-07-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-2689 | 1 Internetdm | 1 Webdm Cms | 2010-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS allows remote attackers to execute arbitrary SQL commands via the cf_id parameter. | |||||
| CVE-2010-2699 | 1 Edgephp | 1 Clickbank Affiliate Marketplace Script | 2010-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2010-2694 | 2 Joomla, Redcomponent | 2 Joomla\!, Com Redshop | 2010-07-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php. | |||||
| CVE-2010-2683 | 1 Customerparadigm | 1 Pagedirector Cms | 2010-07-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter. | |||||
| CVE-2010-2690 | 2 Jooforge, Joomla | 2 Com Gamesbox, Joomla\! | 2010-07-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php. | |||||
| CVE-2010-2672 | 1 Ez | 1 Ez Publish | 2010-07-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature. | |||||
| CVE-2010-2673 | 1 Devana | 1 Devana | 2010-07-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2516 | 1 2daybiz | 1 Multi Level Marketing Software | 2010-06-30 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2508 | 1 2daybiz | 1 Video Community Portal Script | 2010-06-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2010-2512 | 1 2daybiz | 1 Matrimonial Script | 2010-06-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2510 | 1 2daybiz | 1 Web Template Software | 2010-06-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2010-2513 | 2 Harmistechnology, Joomla | 2 Com Jeajaxeventcalendar, Joomla\! | 2010-06-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | |||||
| CVE-2010-2515 | 2 Dacian Strain, Joomla | 2 Com Jfaq, Joomla\! | 2010-06-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2511 | 1 2daybiz | 1 Multi Level Marketing Software | 2010-06-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter. | |||||
| CVE-2010-1013 | 2 Fr.simon Rundell, Typo3 | 2 Pd Diocesedatabase, Typo3 | 2010-06-25 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-2335 | 1 Yamamah | 1 Yamamah | 2010-06-24 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter. | |||||
| CVE-2010-1015 | 2 Laurent Foulloy, Typo3 | 2 Sav Filter Abc, Typo3 | 2010-06-24 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0471 | 1 Enanocms | 1 Enanocms | 2010-06-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | |||||
| CVE-2010-0956 | 1 Opencart | 1 Opencart | 2010-06-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2009-4720 | 1 Gnudip | 1 Gnudip | 2010-06-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2342 | 1 Dmxready | 1 Online Notebook Manager | 2010-06-21 | 7.5 HIGH | N/A |
| SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2010-2340 | 1 Arabportal | 1 Arab Portal | 2010-06-21 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action. | |||||
| CVE-2010-2319 | 1 Idevspot | 1 Textads | 2010-06-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2010-2317 | 1 Wmsdesign | 1 Wmscms | 2010-06-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp. | |||||
| CVE-2010-2312 | 1 Hauntmax | 1 Haunted House Directory Listing Cms | 2010-06-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action. | |||||
| CVE-2010-1857 | 1 Realitymedias | 1 Repairshop2 | 2010-06-13 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a products.details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1479 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokmodule | 2010-06-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php. | |||||
| CVE-2010-1477 | 2 Joomla, Martin Hess | 2 Joomla\!, Com Sermonspeaker | 2010-06-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. | |||||
| CVE-2010-1468 | 2 Focusdev, Joomla | 2 Com Mv Restaurantmenumanager, Joomla\! | 2010-06-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php. | |||||
| CVE-2010-2257 | 1 Payperviewvideosoftware | 1 Pay Per Minute Video Chat Script | 2010-06-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2010-2254 | 2 Joomla, Shape5 | 2 Joomla\!, Bridge Of Hope Template | 2010-06-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | |||||
| CVE-2010-2255 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2010-06-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1480 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokmodule | 2010-06-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2139 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2140 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4784 | 2 Joaktree, Joomla | 2 Com Joaktree, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | |||||
| CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | |||||
| CVE-2010-2095 | 1 Cmsqlite | 1 Cmsqlite | 2010-05-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-2051 | 1 Debliteck | 1 Dbcart | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2042 | 1 Shopex | 1 Ecshop | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4803 | 2 Andreas Schwarzkopf, Typo3 | 2 Accessibility Glossary, Typo3 | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||