Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4845 1 Mhproducts 1 Projekt Shop 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php.
CVE-2010-4846 1 Mhproducts 1 Pay Pal Shop Digital 2025-04-11 N/A
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2012-0293 1 Symantec 1 Altiris Wise Package Studio 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4847 1 Mhproducts 1 Mhp Downloadshop 2025-04-11 N/A
SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2011-5259 1 Orangehrm 1 Orangehrm 2025-04-11 N/A
SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5230 1 Seotoaster 1 Seotoaster 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/application/models/LoginModel.php in Seotoaster 1.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to sys/login/index or (2) memberLoginName parameter to sys/login/member.
CVE-2010-4851 1 Eclime 1 Eclime 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php.
CVE-2010-1016 2 Laurent Foulloy, Typo3 2 Sav Filter Selectors, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-5229 1 Apprain 1 Apprain 2025-04-11 N/A
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2010-1018 2 Jochen Rau, Typo3 2 Sk Bookreview, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-3721 1 Psychostats 1 Psychostats 2025-04-11 N/A
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2011-5203 1 Akiva 1 Webboard 2025-04-11 N/A
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information.
CVE-2013-3578 1 Wave 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk 2025-04-11 N/A
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands.
CVE-2011-5201 1 Steveyolam 1 Tinyguestbook 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information.
CVE-2011-5200 1 Dedecms 1 Dedecms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
CVE-2011-5198 1 Neturf 1 Ecommerce Shopping Cart 2025-04-11 N/A
SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information.
CVE-2013-6873 1 Testa 1 Online Test Management System 2025-04-11 N/A
SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the test_id parameter.
CVE-2011-5169 1 Dell 1 Sonicwall Viewpoint 2025-04-11 N/A
SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWall ViewPoint 6.0 SP2 allows remote attackers to execute arbitrary SQL commands via the scheduleID parameter.
CVE-2011-5135 1 Docebo 1 Docebolms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php.
CVE-2010-1019 2 Sk-typo3, Typo3 2 Sk Simplegallery, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.