Search Results (19774 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4940 1 Wanewsletter 1 Wanewsletter 2025-04-11 N/A
SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4938 1 Joomla 2 Com Weblinks, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4797 1 Jobhut.spranger 1 Jobhut 2025-04-11 N/A
SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter.
CVE-2009-4883 1 Todd Rogers 1 Phprecipebook 2025-04-11 N/A
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
CVE-2010-1744 1 Alibabaclone 1 B2b Gold Script 2025-04-11 N/A
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-3479 1 Boutikone 1 Boutikone 2025-04-11 N/A
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2009-4884 1 Bernhard Frohlich 1 Phpcom 2025-04-11 N/A
Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter in a forum action to index.php, (2) the topic_id parameter in a forum action to index.php, (3) the wert parameter in an id search action to index.php, (4) the wert parameter in a nick search action to index.php, or (5) the wert parameter in a forum search action to index.php, related to class_forum.php and class_search.php.
CVE-2010-4702 2 Fxwebdesign, Joomla 2 Com Jradio, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6243 1 Landing Pages Project 1 Landing Pages Plugin 2025-04-11 N/A
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php.
CVE-2009-4892 1 Webjump 1 Webjump\! 2025-04-11 N/A
SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.
CVE-2010-4700 1 Php 1 Php 2025-04-11 N/A
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
CVE-2010-4791 2 Marcusg, Php-fusion 2 Mg User Fotoalbum Panel, Php-fusion 2025-04-11 N/A
SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter.
CVE-2009-4947 1 Q2solutions 1 Connx 2025-04-11 N/A
SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Solutions ConnX 4.0.20080606 allows remote attackers to execute arbitrary SQL commands via the txtEmail parameter.
CVE-2009-4966 2 Elemente, Typo3 2 Ast Addresszipsearch, Typo3 2025-04-11 N/A
SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4967 2 Jochen Rieger, Typo3 2 Car, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4791 1 Ryan Haudenschilt 1 Family Connections 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id parameter to home.php, and (5) email parameter to lostpw.php.
CVE-2009-4783 1 Mntechsolutions 1 Theeta Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php.
CVE-2009-4735 1 Allomani 1 Audio \& Video Library 2025-04-11 N/A
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
CVE-2010-0608 1 Novaboard 1 Novaboard 2025-04-11 N/A
SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action.
CVE-2010-4780 1 Enanocms 1 Enano Cms 2025-04-11 N/A
SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these details are obtained from third party information.