Export limit exceeded: 19645 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19645 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4948 1 Machform 1 Machform 2025-04-11 N/A
SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter.
CVE-2009-4680 1 Phpdirectorysource 1 Phpdirectorysource 2025-04-11 N/A
SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter.
CVE-2012-5874 1 Elite-board 1 Elite Bulletin Board 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.
CVE-2013-3523 1 Gajennings 1 This 2025-04-11 N/A
SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbitrary SQL commands via vectors related to op=page&id= in the URL.
CVE-2010-1269 1 Phpscripte24 1 Niedrig Gebote Pro Auktions System Ii 2025-04-11 N/A
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2011-3394 1 Myrephp 1 Myre Real Estate Software 2025-04-11 N/A
SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-3207 1 Galeriashqip 1 Galeriashqip 2025-04-11 N/A
SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1522 2 Joomla, Ordasoft 2 Joomla\!, Com Booklibrary 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the bid[] parameter in a (1) lend_request or (2) save_lend_request action to index.php, the id parameter in a (3) mdownload or (4) downitsf action to index.php, or (5) the searchtext parameter in a search action to index.php.
CVE-2013-3522 1 Vbulletin 1 Vbulletin 2025-04-11 N/A
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
CVE-2010-1538 1 Bluestrikeweb 1 Phpraincheck 2025-04-11 N/A
SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1583 2 Taskfreak, Tirzen 2 Taskfreak\!, Tirzen Framework 2025-04-11 N/A
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
CVE-2010-4517 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php.
CVE-2010-1595 1 Ocsinventory-ng 1 Ocs Inventory Ng 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.
CVE-2010-3027 1 Tycoon 1 Baseball Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a game_player action.
CVE-2010-1701 1 Rocky.nu 1 Php Video Battle Script 2025-04-11 N/A
SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2013-4461 1 Redhat 1 Enterprise Mrg 2025-04-11 N/A
SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."
CVE-2010-1706 1 2daybiz 1 Auction Script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1713 1 Postnuke 1 Postnuke 2025-04-11 N/A
SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action.
CVE-2010-1716 2 Joomla, Joomlanetprojects 2 Joomla\!, Com Agenda 2025-04-11 N/A
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-1744 1 Alibabaclone 1 B2b Gold Script 2025-04-11 N/A
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.