| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. |
| SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. |
| SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. |
| SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter. |
| Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary SQL commands via the ItemID parameter to (1) comments.php, (2) view.php, (3) siteadmin/ViewItem.php, and unspecified other vectors. |
| Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp. |
| SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/. |
| Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may be accessed through requests to the product's top-level default URI, using the pilih parameter, in some circumstances. |
| SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. |
| Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp. |
| SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the album parameter. |
| SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. |
| SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) 0.2.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter. |
| Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access. |
| SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field. |
| SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
