Search Results (19763 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4696 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-2363 1 Moodle 1 Moodle 2025-04-11 N/A
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.
CVE-2010-4917 1 A-blog 1 A-blog 2025-04-11 N/A
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.
CVE-2010-4919 1 Micronetsoft 1 Rv Dealer Website 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.
CVE-2010-4920 1 Micronetsoft 1 Rental Property Website 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 allows remote attackers to execute arbitrary SQL commands via the ad_ID parameter.
CVE-2010-4935 1 Khader Abbeb 1 Entrans 2025-04-11 N/A
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2010-4936 2 Joomla, Webmaster-tips 2 Joomla\!, Com Slideshow 2025-04-11 N/A
SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-4916 1 Coldgen 1 Coldusergroup 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
CVE-2011-1061 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.
CVE-2011-1064 1 Qibosoft 1 Qi Bo Cms 2025-04-11 N/A
SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter.
CVE-2011-1913 1 Mercator 1 Sentinel 2025-04-11 N/A
SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2851 2 Joomla, Ordasoft 2 Joomla\!, Com Booklibrary 2025-04-11 N/A
SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-4912 1 Discuz 1 Ucenter Home 2025-04-11 N/A
SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbitrary SQL commands via the shopid parameter in a view action.
CVE-2011-3688 1 Sonexis 1 Conferencemanager 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via (1) the g parameter to Conference/Audio/AudioResourceContainer.asp or (2) the txtConferenceID parameter to Login/HostLogin.asp.
CVE-2011-5022 1 Pligg 1 Pligg Cms 2025-04-11 N/A
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter.
CVE-2011-5235 1 Mnogosearch 1 Mnogosearch 2025-04-11 N/A
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
CVE-2010-4910 1 Coldgen 1 Coldcalendar 2025-04-11 N/A
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
CVE-2010-4720 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
CVE-2011-5031 1 Shilpisoft 1 Capexweb 2025-04-11 N/A
Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalidatepassword in cApexWEB 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) dfuserid and (2) dfpassword parameters. NOTE: some of these details are obtained from third party information.
CVE-2012-5874 1 Elite-board 1 Elite Bulletin Board 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.