Search Results (19756 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4752 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-2961 1 Symantec 1 Web Gateway 2025-04-11 N/A
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4619 1 Webscripti 1 Mafya Oyun Scrpti 2025-04-11 N/A
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4770 1 Commodityrentals 1 Dvd Rentals Script 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2013-5318 1 Benjamin Arnaudetr 1 Ginkgocms 2025-04-11 N/A
SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the rang parameter to index.php.
CVE-2013-5322 2 Jan Bednarik, Typo3 2 Cooluri, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5306 2 Die-netzmacher, Typo3 2 Browser, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4776 1 Preprojects 1 Pre Online Tests Generator 2025-04-11 N/A
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
CVE-2011-0549 1 Symantec 1 Web Gateway 2025-04-11 N/A
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2010-4898 2 Gantry-framework, Joomla 2 Com Gantry, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php.
CVE-2013-5304 2 Joachim Ruhs, Typo3 2 Locator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4902 2 Joomla, Joomla-clantools 2 Joomla\!, Clantools 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php.
CVE-2013-4461 1 Redhat 1 Enterprise Mrg 2025-04-11 N/A
SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."
CVE-2010-4904 2 Joomla, Simon Philips 2 Joomla\!, Com Aardvertiser 2025-04-11 N/A
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2013-4422 3 Postgresql, Qt, Quassel-irc 3 Postgresql, Qt, Quassel Irc 2025-04-11 N/A
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
CVE-2013-5310 2 Mauro Lorenzutti, Typo3 2 Wfqbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4906 1 Zenphoto 1 Zenphoto 2025-04-11 N/A
SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4915 1 Coldgen 1 Coldbookmarks 2025-04-11 N/A
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action.
CVE-2010-4926 2 Joomla, Timetrack 2 Joomla\!, Com Timetrack 2025-04-11 N/A
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php.
CVE-2011-4808 2 Joomla, Joomlaextensions 2 Joomla\!, Com Hmcommunity 2025-04-11 N/A
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php.