Total
15371 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2462 | 1 Tomacero | 1 Orohyip | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action. | |||||
| CVE-2012-0999 | 1 Lepton-cms | 1 Lepton | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the group_id parameter. | |||||
| CVE-2010-0605 | 1 Osticket | 1 Osticket | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter. | |||||
| CVE-2010-1045 | 2 Design-cars, Joomla | 2 Com Productbook, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1477 | 2 Joomla, Martin Hess | 2 Joomla\!, Com Sermonspeaker | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php. | |||||
| CVE-2010-2148 | 2 Joomla, Unisoft | 2 Joomla\!, Com Mycar | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. | |||||
| CVE-2012-4261 | 1 Hccgmbh | 1 Mycare2x | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote attackers to execute arbitrary SQL commands via the lang parameter. | |||||
| CVE-2010-5011 | 1 Schoolmation | 1 Schoolmation | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | |||||
| CVE-2009-4696 | 1 Radscripts | 1 Radnics | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||
| CVE-2012-1815 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-5291 | 1 Possesports | 1 Posse Softball Director Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter. | |||||
| CVE-2010-0946 | 2 Joomla, Kiss-software | 2 Joomla\!, Com Ksadvertiser | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php. | |||||
| CVE-2012-1255 | 1 Segue Project | 1 Segue | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-3831 | 1 Sitracker | 1 Support Incident Tracker | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name. | |||||
| CVE-2010-0115 | 1 Symantec | 2 Web Gateway, Web Gateway Appliance | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. | |||||
| CVE-2012-3839 | 1 Myclientbase | 1 Myclientbase | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search. | |||||
| CVE-2012-2109 | 2 Buddypress, Wordpress | 2 Buddypress, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action. | |||||
| CVE-2011-5050 | 1 Elitecore | 1 Cyberoam Unified Threat Management | 2025-04-11 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2910 | 2 Alexred, Joomla | 2 Com Oziogallery, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2009-4733 | 1 Supercrackmunkey | 1 Simpleloginsys | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||