Export limit exceeded: 19631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0672 | 1 Webmastersite | 1 Wsn Guest | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | ||||
| CVE-2010-0671 | 1 Michalin | 1 Kr Media Pogodny Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action. | ||||
| CVE-2011-3838 | 1 Wuzly | 1 Wuzly | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to fp.php, (2) epage parameter to newpage.php, (3) epost parameter to newpost.php, and (4) username parameter to login.php in admin/; or the (5) username parameter to mobile/login.php. | ||||
| CVE-2012-4265 | 1 Itechscripts | 1 Proman Xpress | 2025-04-11 | N/A |
| SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2010-0955 | 1 Media-products | 1 Bild Flirt Community | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-6519 | 1 Diy-cms | 1 Diy-cms | 2025-04-11 | N/A |
| SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter to mod.php. | ||||
| CVE-2013-3721 | 1 Psychostats | 1 Psychostats | 2025-04-11 | N/A |
| SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | ||||
| CVE-2009-4722 | 1 Limny | 1 Limny | 2025-04-11 | N/A |
| SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-4719 | 1 Bob Jewell | 1 Discloser | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter. | ||||
| CVE-2009-4698 | 2 Alexandre Amaral, Xoops | 2 Xoops Celepar, Xoops | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | ||||
| CVE-2009-4696 | 1 Radscripts | 1 Radnics | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | ||||
| CVE-2009-4691 | 1 Resalecode | 1 Classified Linktrader Script | 2025-04-11 | N/A |
| SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter. | ||||
| CVE-2010-0964 | 1 Media-products | 1 Eros Webkatalog | 2025-04-11 | N/A |
| SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | ||||
| CVE-2010-0968 | 1 Geekhelps | 1 Admp | 2025-04-11 | N/A |
| SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter. | ||||
| CVE-2010-0970 | 1 Jorik Berkepas | 1 Phpmylogon | 2025-04-11 | N/A |
| SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-5590 | 2 Drupal, Scripthead | 2 Drupal, Webmail Plus | 2025-04-11 | N/A |
| SQL injection vulnerability in the Webmail Plus module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-7149 | 2 Openx, Revive-adserver | 2 Openx, Revive Adserver | 2025-04-11 | N/A |
| SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation script) in Revive Adserver before 3.0.2, and OpenX Source 2.8.11 and earlier, allows remote attackers to execute arbitrary SQL commands via the what parameter to an XML-RPC method. | ||||
| CVE-2013-7175 | 1 Avanset | 1 Visual Certexam Manager | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field. | ||||
| CVE-2012-5453 | 1 Atutor | 1 Acontent | 2025-04-11 | N/A |
| SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167. | ||||
| CVE-2012-5328 | 2 Cartpauj, Wordpress | 2 Mingle-forum, Wordpress | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php. | ||||