Total
15349 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1498 | 1 Clausvb | 1 Dl Stats | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. | |||||
| CVE-2010-1018 | 2 Jochen Rau, Typo3 | 2 Sk Bookreview, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-4422 | 3 Postgresql, Qt, Quassel-irc | 3 Postgresql, Qt, Quassel Irc | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message. | |||||
| CVE-2009-5026 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 6.8 MEDIUM | N/A |
| The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments. | |||||
| CVE-2009-4968 | 2 Christian Ehmann, Typo3 | 2 Event Registr, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-6507 | 1 Jason Sexauer | 1 Churchcms | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action. | |||||
| CVE-2010-2134 | 1 Http-solution | 1 Project Man | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | |||||
| CVE-2011-1557 | 1 Icloudcenter | 1 Icjobsite | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-4829 | 2 Barter-sites, Joomla | 2 Com Listing, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. | |||||
| CVE-2013-4827 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664. | |||||
| CVE-2010-0671 | 1 Michalin | 1 Kr Media Pogodny Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action. | |||||
| CVE-2012-5297 | 1 Mavili Guestbook Project | 1 Mavili Guestbook | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-5039 | 1 Infoproject | 1 Biznis Heroj | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php. | |||||
| CVE-2010-1855 | 1 Phpscripte24 | 1 Pay Per Watch \& Bid Auktions System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | |||||
| CVE-2011-5169 | 1 Dell | 1 Sonicwall Viewpoint | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWall ViewPoint 6.0 SP2 allows remote attackers to execute arbitrary SQL commands via the scheduleID parameter. | |||||
| CVE-2010-4720 | 2 Harmistechnology, Joomla | 2 Com Jeauto, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | |||||
| CVE-2010-4800 | 1 Baconmap | 1 Baconmap | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2010-5059 | 1 Cmscout | 1 Cmscout | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action. | |||||
| CVE-2010-4503 | 1 Aigaion | 1 Aigaion | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action. | |||||
| CVE-2009-4695 | 1 Radscripts | 1 Radlance | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||