Export limit exceeded: 19772 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19772 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4898 2 Gantry-framework, Joomla 2 Com Gantry, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php.
CVE-2010-4872 1 Pilotcart 1 Pilot Cart 2025-04-11 N/A
SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter.
CVE-2010-4870 1 Bloofox 1 Bloofoxcms 2025-04-11 N/A
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
CVE-2010-4869 1 Drbenhur 1 Dbhcms 2025-04-11 N/A
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
CVE-2010-4866 1 Chipmunk-scripts 1 Chipmunk Board 2025-04-11 N/A
SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.
CVE-2010-4864 2 Danieljamesscott, Joomla 2 Com Clubmanager, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php.
CVE-2010-4739 2 Aretimes, Joomla 2 Com Maianmedia, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php.
CVE-2010-4737 1 Hotwebscripts 1 Hotweb Rentals 2025-04-11 N/A
SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter.
CVE-2010-4735 1 Ecommercemax 1 Digital-goods Seller 2025-04-11 N/A
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2010-0438 1 Otrs 1 Otrs 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-4571 2 Eaimproved, Joomla 2 Com Estateagent, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php.
CVE-2011-4570 2 Joomla, Takeaweb 2 Joomla\!, Com Timereturns 2025-04-11 N/A
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php.
CVE-2011-4569 2 Mybb, Tom K 2 Mybb, Forum Userbar Plugin 2025-04-11 N/A
SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter.
CVE-2011-4349 1 Freedesktop 1 Colord 2025-04-11 N/A
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
CVE-2011-3988 1 Lockon 1 Ec-cube 2025-04-11 N/A
SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-4460 1 Bestpractical 1 Rt 2025-04-11 N/A
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.
CVE-2011-4673 2 Automattic, Wordpress 2 Jetpack, Wordpress 2025-04-11 N/A
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5291 1 Possesports 1 Posse Softball Director Cms 2025-04-11 N/A
SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter.
CVE-2012-5292 1 Atar2b 1 Atar2b Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php.
CVE-2011-2930 1 Rubyonrails 2 Rails, Ruby On Rails 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.