| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the pid parameter. |
| SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. |
| SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action. |
| SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. |
| SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. |
| SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. |
| SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. |
| SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name. |
| SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter. |
| SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. |
