Total: 15303 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1904 | 1 Emc | 1 Rsa Key Manager Client | 2025-04-11 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. | |||||
CVE-2010-4888 | 2 Marco Hezel, Typo3 | 2 Hm Tinymarket, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla! | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | |||||
CVE-2010-4899 | 1 Webmanager-pro | 1 Cms Webmanager-pro | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2010-2092 | 1 Cacti | 1 Cacti | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query. | |||||
CVE-2011-2546 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669. | |||||
CVE-2009-4621 | 2 Discuz, Patching | 2 Discuz!, Jianghu Inn | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php. | |||||
CVE-2011-3130 | 1 Wordpress | 1 Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection. | |||||
CVE-2010-2623 | 1 Internetdm | 1 Bed And Breakfast | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in pages.php in Internet DM Specialist Bed and Breakfast allows remote attackers to execute arbitrary SQL commands via the pp_id parameter. | |||||
CVE-2011-4460 | 1 Bestpractical | 1 Rt | 2025-04-11 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account. | |||||
CVE-2010-4851 | 1 Eclime | 1 Eclime | 2025-04-11 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php. | |||||
CVE-2011-3615 | 1 Simplemachines | 1 Smf | 2025-04-11 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla!, Com Aardvertiser | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2012-1071 | 2 Mathieu Vidal, Typo3 | 2 Mv Cooking, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012. | |||||
CVE-2011-2141 | 1 Ibm | 1 Datacap Taskmaster Capture | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2009-4691 | 1 Resalecode | 1 Classified Linktrader Script | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter. | |||||
CVE-2010-1538 | 1 Bluestrikeweb | 1 Phpraincheck | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2014-1401 | 1 Auracms | 1 Auracms | 2025-04-11 | 6.5 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php. | |||||
CVE-2014-0728 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313. | |||||
CVE-2012-6520 | 1 Wikidforum | 1 Wikidforum | 2025-04-11 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. NOTE: this issue could not be reproduced by third parties. |