Total
11641 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-5006 | 1 Emophp | 1 Emo Realty Manager | 2012-02-14 | N/A |
| SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter. | ||||
| CVE-2010-5000 | 1 Joe Pieruccini | 1 Mclogin System | 2012-02-14 | N/A |
| SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4936 | 2 Joomla, Webmaster-tips | 2 Joomla\!, Com Slideshow | 2012-02-14 | N/A |
| SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2005-3877 | 1 Cafuego | 1 Simple Document Management System | 2012-02-07 | N/A |
| Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php. | ||||
| CVE-2011-4215 | 1 Oneorzero | 1 Aims | 2012-01-27 | N/A |
| SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable. | ||||
| CVE-2011-4671 | 2 Adrotateplugin, Wordpress | 2 Adrotate, Wordpress | 2011-12-13 | N/A |
| SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL). | ||||
| CVE-2006-5242 | 1 Etomite | 1 Etomite | 2011-12-08 | N/A |
| SQL injection vulnerability in Etomite Content Management System (CMS) before 0.6.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4770 | 1 Commodityrentals | 1 Dvd Rentals Script | 2011-09-22 | N/A |
| SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action. | ||||
| CVE-2010-4782 | 1 Softwebsnepal | 1 Ananda Real Estate | 2011-09-22 | N/A |
| Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) city, (2) state, (3) country, (4) minprice, (5) maxprice, (6) bed, and (7) bath parameters, different vectors than CVE-2006-6807. | ||||
| CVE-2010-4780 | 1 Enanocms | 1 Enano Cms | 2011-09-22 | N/A |
| SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4736 | 1 Gatesoft | 1 Docusafe | 2011-09-22 | N/A |
| SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4738 | 1 Raemedia | 1 Real Estate Single And Multi Agent System | 2011-09-22 | N/A |
| Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System. | ||||
| CVE-2010-4737 | 1 Hotwebscripts | 1 Hotweb Rentals | 2011-09-22 | N/A |
| SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter. | ||||
| CVE-2010-4830 | 1 T-dreams | 1 Job Career Package | 2011-09-22 | N/A |
| SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter. | ||||
| CVE-2010-4829 | 1 T-dreams | 1 Cars Ads Package | 2011-09-13 | N/A |
| SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2006-0115 | 1 Oneplug Solutions | 1 Oneplug Cms | 2011-09-08 | N/A |
| Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug CMS allow remote attackers to execute arbitrary SQL commands via the (1) Press_Release_ID parameter in press/details.asp, (2) Service_ID parameter in services/details.asp, and (3) Product_ID parameter in products/details.asp. | ||||
| CVE-2005-4478 | 1 Papoo | 1 Papoo | 2011-09-08 | N/A |
| Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php. | ||||
| CVE-2006-1049 | 1 Joomla | 1 Joomla | 2011-09-08 | N/A |
| Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2005-3881 | 1 Altantisfaq | 1 Altantis Knowledge Base Software | 2011-08-05 | N/A |
| SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter. | ||||
| CVE-2005-3840 | 1 Omnistar Interactive | 1 Omnistar Live | 2011-08-05 | N/A |
| SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240. | ||||