Total
15307 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5175 | 1 Bananadance | 1 Banana Dance | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Banana Dance, possibly B.1.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2013-2956 | 1 Ibm | 1 Infosphere Optim Data Growth For Oracle E-business Suite | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-0510 | 1 Awbs | 1 Advanced Webhost Billing System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action. | |||||
| CVE-2012-0337 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939. | |||||
| CVE-2010-4400 | 1 Dynpg | 1 Dynpg | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRights_UserId parameter. | |||||
| CVE-2010-4990 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | |||||
| CVE-2009-5090 | 1 Daman371 | 1 Bloggeruniverse | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors. | |||||
| CVE-2011-2080 | 1 Inventivetec | 1 Mediacast | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) a CP_ENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or (2) unspecified input to authenticate_ad_setup_finished.cfm. | |||||
| CVE-2010-4517 | 2 Harmistechnology, Joomla | 2 Com Jeauto, Joomla\! | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php. | |||||
| CVE-2010-0377 | 1 Phpmyspace | 1 Phpmyspace | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1090 | 1 Phpmysite | 1 Phpmysite | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpMySite allows remote attackers to execute arbitrary SQL commands via the action parameter. | |||||
| CVE-2013-5957 | 1 Civicrm | 1 Civicrm | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty. | |||||
| CVE-2012-4601 | 1 Tecnick | 1 Tcexam | 2025-04-11 | 6.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php. | |||||
| CVE-2012-2236 | 1 Ryan Walberg | 1 Php Gift Registry | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action. | |||||
| CVE-2010-2131 | 2 Mario Matzulla, Typo3 | 2 Cal, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via iCalendar data. | |||||
| CVE-2010-5000 | 1 Joe Pieruccini | 1 Mclogin System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0951 | 1 Dev4u | 1 Dev4u Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter. | |||||
| CVE-2010-5062 | 1 Mh Products | 1 Kleinanzeigenmarkt | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2010-4911 | 1 Sellatsite | 1 Php Classifieds Ads | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2009-4745 | 1 Dreamlevels | 1 Dreampoll | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action. | |||||