Total
11641 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6040 | 1 Agares Media | 1 Arcadem Pro | 2009-08-19 | N/A |
| SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php. | ||||
| CVE-2009-2428 | 1 Tauschregal.de | 1 Tausch Ticket Script | 2009-07-22 | N/A |
| Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors. | ||||
| CVE-2009-2106 | 2 Projektseminar Proservice Wwu, Typo3 | 2 Virtual Civil Services, Typo3 | 2009-07-02 | N/A |
| SQL injection vulnerability in the Virtual Civil Services (civserv) extension 4.3.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-2103 | 2 Steve Grundell, Typo3 | 2 Frontend Mp3 Player, Typo3 | 2009-06-23 | N/A |
| SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) 0.2.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-2105 | 1 Kasper Skrhj | 1 References Database | 2009-06-23 | N/A |
| SQL injection vulnerability in the References database (t3references) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-0543 | 1 Proftpd | 1 Proftpd | 2009-06-09 | N/A |
| ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres. | ||||
| CVE-2009-1585 | 1 R020 | 1 Tematres | 2009-05-13 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0829 | 1 Andrew Freed | 1 Quotebook | 2009-03-21 | N/A |
| Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6104 | 1 A4desk | 1 A4desk Flash Event Calendar | 2009-02-26 | N/A |
| SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php. | ||||
| CVE-2008-5924 | 1 Asp-dev | 1 Xm Events Diary | 2009-02-05 | N/A |
| SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0287 | 1 Keep Toolkit | 1 Keep Toolkit | 2009-02-05 | N/A |
| SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | ||||
| CVE-2007-6670 | 1 Phpcredo | 1 Phcdownload | 2008-11-15 | N/A |
| SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter. | ||||
| CVE-2007-4552 | 1 Agares Media | 1 Arcadem | 2008-11-15 | N/A |
| SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not. | ||||
| CVE-2008-3965 | 1 Mybb | 1 Mybb | 2008-11-15 | N/A |
| SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field. | ||||
| CVE-2007-3637 | 1 Mkportal | 1 Mkportal | 2008-11-15 | N/A |
| SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | ||||
| CVE-2005-4632 | 1 Vote Pro | 1 Vote Pro | 2008-09-20 | N/A |
| SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter. | ||||
| CVE-2005-4027 | 1 Simplemedia | 1 Simplebbs | 2008-09-20 | N/A |
| SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters. | ||||
| CVE-2007-6032 | 1 Aleris | 1 Web Publishing Server | 2008-09-05 | N/A |
| SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter. | ||||
| CVE-2004-2754 | 1 Yabb | 1 Yabb Se | 2008-09-05 | N/A |
| SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions. | ||||
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2008-09-05 | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||