Total
15354 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1044 | 1 Manageengine | 1 Oputils | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter. | |||||
| CVE-2010-4404 | 2 Anything-digital, Joomla | 2 Sh404sef, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1720 | 2 Joomla, Qproje | 2 Joomla\!, Com Qpersonel | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php. | |||||
| CVE-2012-4237 | 1 Tecnick | 1 Tcexam | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subject_module_id parameter to (1) tce_edit_answer.php or (2) tce_edit_question.php. | |||||
| CVE-2011-5201 | 1 Steveyolam | 1 Tinyguestbook | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-2688 | 3 Apache, Debian, Mod Authnz External Project | 3 Http Server, Debian Linux, Mod Authnz External | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field. | |||||
| CVE-2012-1225 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php. | |||||
| CVE-2013-2050 | 1 Redhat | 2 Cloudforms Management Engine, Manageiq Enterprise Virtualization Manager | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action. | |||||
| CVE-2010-0954 | 1 Preprojects | 1 Pre E-learning Portal | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter. | |||||
| CVE-2012-1638 | 2 Dominique Clause, Drupal | 2 Search Autocomplete, Drupal | 2025-04-11 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5222 | 1 Scripte24shop | 1 Php Flirt-projekt | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the rub parameter. | |||||
| CVE-2010-4952 | 2 Joachim Ruhs, Typo3 | 2 Festat, Typo3 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-6243 | 1 Landing Pages Project | 1 Landing Pages Plugin | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php. | |||||
| CVE-2010-4356 | 1 Site2nite | 1 Big Truck Broker | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter. | |||||
| CVE-2011-1064 | 1 Qibosoft | 1 Qi Bo Cms | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter. | |||||
| CVE-2012-0401 | 1 Rsa | 1 Envision | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4667 | 1 Phpmember | 1 Webmember | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter. | |||||
| CVE-2009-4985 | 1 Websitesrus | 1 Accessories Me Php Affiliate Script | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter. | |||||
| CVE-2010-4940 | 1 Wanewsletter | 1 Wanewsletter | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-2324 | 1 Mybb | 1 Mybb | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP). | |||||