Search Results (19662 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1923 1 Phpscripte24 1 Web Social Network Freunde Community 2025-04-11 N/A
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
CVE-2013-0560 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2012-5766.
CVE-2010-1924 1 Phpscripte24 1 Live Shopping Multi Portal System 2025-04-11 N/A
SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter.
CVE-2010-1725 1 Alibabaclone 1 Alibaba Clone Platinum 2025-04-11 N/A
SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-6273 1 Bigantsoft 1 Bigant Im Message Server 2025-04-11 N/A
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
CVE-2012-6144 1 Typo3 1 Typo3 2025-04-11 N/A
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-3469 1 Ushahidi 1 Ushahidi Platform 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the messages admin functionality in application/controllers/admin/messages.php, (2) application/libraries/api/MY_Checkin_Api_Object.php, (3) application/controllers/admin/messages/reporters.php, or (4) the location API in application/libraries/api/MY_Locations_Api_Object.php and application/models/location.php.
CVE-2012-6526 1 Vastal 1 Freelance Zone 2025-04-11 N/A
SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter.
CVE-2012-6039 1 Yabsoft 1 Advanced Image Hosting Script 2025-04-11 N/A
SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2010-1721 2 Joomla, Thethinkery 2 Joomla\!, Com Iproperty 2025-04-11 N/A
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
CVE-2010-1372 2 Hdflvplayer, Joomla 2 Com Hdflvplayer, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-1133 1 Tiki 1 Tikiwiki Cms\/groupware 2025-04-11 N/A
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.
CVE-2010-1370 1 Preprojects 1 Pre Classified Listings Asp 2025-04-11 N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2010-1369 1 Preprojects 1 Pre Classified Listings Asp 2025-04-11 N/A
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2012-4479 2 David Alkire, Drupal 2 Drag \& Drop Gallery, Drupal 2025-04-11 N/A
SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1557 1 Parallels 1 Parallels Plesk Panel 2025-04-11 N/A
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU#2, 9.x before 9.5 MU#11, 10.0.x before MU#13, 10.1.x before MU#22, 10.2.x before MU#16, and 10.3.x before MU#5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in March 2012.
CVE-2010-1096 1 Scriptsfeed 1 Dating Software 2025-04-11 N/A
Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-5550 2 Carlos Carvalhar, Drupal 2 Time Spent, Drupal 2025-04-11 N/A
SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-3050 1 Zapms 1 Zapms 2025-04-11 N/A
SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product.
CVE-2010-1092 1 Scriptsfeed 1 Business Directory Software 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.