Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19780 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19780 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-5229 1 Apprain 1 Apprain 2025-04-11 N/A
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2010-4795 2 Joomla, Joomlaseller 2 Joomla\!, Com Jscalendar 2025-04-11 N/A
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-5213 1 Browsercrm 1 Browsercrm 2025-04-11 N/A
Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php.
CVE-2010-4774 1 Auracms 1 Auracms 2025-04-11 N/A
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
CVE-2010-0632 2 Joomla, Parkviewconsultants 2 Joomla\!, Com Simplefaq 2025-04-11 N/A
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php.
CVE-2009-4733 1 Supercrackmunkey 1 Simpleloginsys 2025-04-11 N/A
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0798 2 Snowflake, Typo3 2 T3blog, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0800 2 Joomla, Joomservices 2 Joomla\!, Com Dms 2025-04-11 N/A
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php.
CVE-2013-5015 1 Symantec 2 Endpoint Protection Manager, Protection Center 2025-04-11 N/A
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-1100 1 Pixelpost 1 Pixelpost 2025-04-11 N/A
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
CVE-2010-1741 1 Billwerx 1 Billwerx Rc 2025-04-11 N/A
SQL injection vulnerability in request_account.php in Billwerx RC 5.2.2 PL2 allows remote attackers to execute arbitrary SQL commands via the primary_number parameter.
CVE-2009-4712 1 Tukanas 1 Easyclassifieds Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter.
CVE-2010-2335 1 Yamamah 1 Yamamah 2025-04-11 N/A
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
CVE-2013-4948 1 Machform 1 Machform 2025-04-11 N/A
SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter.
CVE-2009-4711 2 Jan Bednarik, Typo3 2 Cooluri, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686.
CVE-2009-4710 2 Robert Heel, Typo3 2 Cwt Resetbepassword, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5525 1 Cisco 1 Identity Services Engine Software 2025-04-11 N/A
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
CVE-2012-2684 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
CVE-2011-5039 1 Infoproject 1 Biznis Heroj 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php.
CVE-2011-5198 1 Neturf 1 Ecommerce Shopping Cart 2025-04-11 N/A
SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information.