Export limit exceeded: 19661 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19661 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1015 2 Laurent Foulloy, Typo3 2 Sav Filter Abc, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-5137 1 Tforum 1 Tforum 2025-04-11 N/A
Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php.
CVE-2010-1013 2 Fr.simon Rundell, Typo3 2 Pd Diocesedatabase, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1012 2 Mathias Schreiber, Typo3 2 Nf Cleandb, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-5139 1 Preprojects 1 Business Cards Designer 2025-04-11 N/A
SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5140 1 Diy-cms 2 Blog, Diy-cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index.php, (d) main_index.php, (e) viewpost.php, (f) archive.php, (g) control/approve_comments.php, (h) control/approve_posts.php, and (i) control/viewcat.php; and the (2) month and (3) year parameters to archive.php.
CVE-2012-1672 1 Useasdf 4444 1 Hotel Booking Portal 2025-04-11 N/A
SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 allows remote attackers to execute arbitrary SQL commands via the country parameter.
CVE-2010-1017 2 Laurent Foulloy, Typo3 2 Sav Filter Months, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1009 2 Joachim-ruhs, Typo3 2 Educator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0400 1 Mahara 1 Mahara 2025-04-11 N/A
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.
CVE-2009-4807 1 Graugon 1 Php Article Publisher 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php.
CVE-2009-4803 2 Andreas Schwarzkopf, Typo3 2 Accessibility Glossary, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-3435 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2009-4802 2 Joachim Ruhs, Typo3 2 Flat Manager, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4798 1 Diskos 1 Diskos Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature.
CVE-2009-4797 1 Jobhut.spranger 1 Jobhut 2025-04-11 N/A
SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter.
CVE-2009-4795 1 Xlightftpd 1 Xlight Ftp Server 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Xlight FTP Server before 3.2.1, when ODBC authentication is enabled, allow remote attackers to execute arbitrary SQL commands via the (1) USER (aka username) or (2) PASS (aka password) command.
CVE-2009-4794 1 Community Cms 1 Community Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
CVE-2009-4792 1 Karl Core 1 Bandsite Cms 2025-04-11 N/A
SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php.
CVE-2009-4791 1 Ryan Haudenschilt 1 Family Connections 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id parameter to home.php, and (5) email parameter to lostpw.php.