Total
15302 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3604 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0632 | 2 Joomla, Parkviewconsultants | 2 Joomla\!, Com Simplefaq | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php. | |||||
| CVE-2012-5967 | 1 Merethis | 1 Centreon | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter. | |||||
| CVE-2010-0964 | 1 Media-products | 1 Eros Webkatalog | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | |||||
| CVE-2013-4882 | 1 Mcafee | 2 Epolicy Orchestrator, Epolicy Orchestrator Agent | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1) core/showRegisteredTypeDetails.do and (2) EPOAGENTMETA/DisplayMSAPropsDetail.do, a different vulnerability than CVE-2013-0140. | |||||
| CVE-2012-2574 | 1 Symantec | 1 Web Gateway | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue. | |||||
| CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2255 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4257 | 1 Wordpress | 1 Wordpress | 2025-04-11 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field. | |||||
| CVE-2010-2461 | 1 Jce-tech | 1 Overstock Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter. | |||||
| CVE-2010-1726 | 1 Alibabaclone | 1 Ec21 Clone | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1270 | 1 Phpscripte24 | 1 Multi Suktions Komplett System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||
| CVE-2010-1343 | 1 Bjsintay | 1 Sitex | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2011-1667 | 1 Xmedien | 1 Anzeigenmarkt | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action. | |||||
| CVE-2011-5116 | 1 Setseed | 1 Setseed Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11.2, and earlier allows remote attackers to execute arbitrary SQL commands via the loggedInUser cookie. | |||||
| CVE-2010-1480 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokmodule | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-5334 | 1 Preprojects | 1 Pre Printing Press | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_desc.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2012-4282 | 1 Toocharger | 1 Trombinoscope | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2013-4681 | 2 Michael Staatz, Typo3 | 2 Sofortueberweisung2commerce, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1269 | 1 Phpscripte24 | 1 Niedrig Gebote Pro Auktions System Ii | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||