Search Results (19661 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1626 2 Drupal, Karen Stevenson 2 Drupal, Date 2025-04-11 N/A
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1603 1 Nextbbs 1 Nextbbs 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function.
CVE-2013-4719 2 Lina Wolf, Typo3 2 Seo Pack For Tt News, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SEO Pack for tt_news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4720 2 Typo3, Webempoweredchurch 2 Typo3, Wec Discussion 2025-04-11 N/A
SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4721 2 3ds, Typo3 2 Push2rss 3ds, Typo3 2025-04-11 N/A
SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-1636 1 Doug Poulin 1 Command School Student Management System 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_terms.php, (5) admin_school_years.php, (6) admin_sgrades.php, (7) admin_media_codes_1.php, (8) admin_infraction_codes.php, (9) admin_generations.php, (10) admin_relations.php, (11) admin_titles.php, or (12) health_allergies.php in sw/.
CVE-2012-3791 1 Cms-center 1 Simple Web Content Management System 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in admin/; or (6) status parameter to admin/item_status.php.
CVE-2010-4935 1 Khader Abbeb 1 Entrans 2025-04-11 N/A
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2010-5006 1 Emophp 1 Emo Realty Manager 2025-04-11 N/A
SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter.
CVE-2010-4844 1 Mhproducts 1 Easy Online Shop 2025-04-11 N/A
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2010-5008 1 Denaliintranet 1 Brightsuite Groupware 2025-04-11 N/A
SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter.
CVE-2010-4809 1 Liberologico 1 Dbsite 2025-04-11 N/A
SQL injection vulnerability in index.php in DBSite 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-5083 1 Phpnuke 2 Php-nuke, Web Links Module 2025-04-11 N/A
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
CVE-2010-5009 1 Ut-files 1 Utstats 2025-04-11 N/A
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action.
CVE-2013-7139 1 Cynthia Fridsma 1 Horizon Quick Content Management System 2025-04-11 N/A
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
CVE-2011-4949 1 Egroupware 2 Egroupware, Egroupware Enterprise Line 2025-04-11 N/A
SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-3467 1 E-xoopport 1 Samsara 2025-04-11 N/A
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.
CVE-2011-4946 1 E107 1 E107 2025-04-11 N/A
SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.
CVE-2012-0983 1 Scriptsez 1 Ez Album 2025-04-11 N/A
SQL injection vulnerability in Scriptsez.net Ez Album allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-2699 1 Edgephp 1 Clickbank Affiliate Marketplace Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.