Total
15329 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4265 | 1 Itechscripts | 1 Proman Xpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-4982 | 1 Irokez | 1 Irokez Cms | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to the default URI. | |||||
| CVE-2009-4617 | 1 Tourismscripts | 1 Tourism Script Accomodation Hotel Booking Portal Script | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php. | |||||
| CVE-2009-4732 | 1 Technotoad | 1 Tt Web Site Manager | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4794 | 1 Community Cms | 1 Community Cms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php. | |||||
| CVE-2010-4934 | 1 Svcreation | 1 Get Tube | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-1716 | 2 Joomla, Joomlanetprojects | 2 Joomla\!, Com Agenda | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2014-1204 | 1 Tableausoftware | 1 Tableau Server | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled. | |||||
| CVE-2010-1599 | 1 Nkinfoweb | 1 Nkinfoweb | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter. | |||||
| CVE-2012-6427 | 1 Carlosgavazzi | 2 Eos-box Photovoltaic Monitoring System, Eos-box Photovoltaic Monitoring System Firmware | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861. | |||||
| CVE-2011-4569 | 2 Mybb, Tom K | 2 Mybb, Forum Userbar Plugin | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter. | |||||
| CVE-2010-4992 | 2 Joomla, Paymentsplus | 2 Joomla\!, Payments Plus | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | |||||
| CVE-2010-4925 | 1 Nuked-klan | 2 Nuked-klan, Partenaires Module | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2013-4789 | 1 Cotonti | 1 Cotonti Siena | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php. | |||||
| CVE-2011-1913 | 1 Mercator | 1 Sentinel | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-4673 | 2 Automattic, Wordpress | 2 Jetpack, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-0512 | 2 Jikaka, Php-fusion | 2 Teams Structure Module, Php-fusion | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the team_id parameter. | |||||
| CVE-2010-4839 | 2 Edgetechweb, Wordpress | 2 Event Registration, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action. | |||||
| CVE-2010-0800 | 2 Joomla, Joomservices | 2 Joomla\!, Com Dms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php. | |||||
| CVE-2013-4017 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||