Export limit exceeded: 19763 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19763 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0511 1 Ibm 1 Security Appscan 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified parameters.
CVE-2010-4942 1 E-xoopport 1 Samsara 2025-04-11 N/A
SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter.
CVE-2010-2905 2 Brotherscripts, Scriptsfeed 2 Scripts Directory, Scripts Directory 2025-04-11 N/A
SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2909 2 Joomla, Toughtomato 2 Joomla\!, Com Ttvideo 2025-04-11 N/A
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
CVE-2010-2910 2 Alexred, Joomla 2 Com Oziogallery, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-2912 1 Kayako 1 Esupport 2025-04-11 N/A
SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action.
CVE-2010-2915 1 Ajsquare 1 Aj Hyip 2025-04-11 N/A
SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2916 1 Ajsquare 1 Aj Hyip 2025-04-11 N/A
SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4955 1 Php-programs 1 Apboard Developers Apboard 2025-04-11 N/A
SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078.
CVE-2010-4957 2 Nadine Schwingler, Typo3 2 Ke Questionnaire, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1269 1 Phpscripte24 1 Niedrig Gebote Pro Auktions System Ii 2025-04-11 N/A
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2010-4958 1 Pradoportal 1 Prado Portal 2025-04-11 N/A
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2012-6529 1 Marinet 1 Marinet Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter to (3) room.php or (4) room2.php.
CVE-2012-6504 1 Shawn Bradley 1 Php Volunteer Management 2025-04-11 N/A
SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-6497 1 Rubyonrails 1 Rails 2025-04-11 N/A
The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product.
CVE-2010-4963 1 Hulihanapplications 1 Hulihan Bxr 2025-04-11 N/A
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
CVE-2011-5201 1 Steveyolam 1 Tinyguestbook 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information.
CVE-2012-6273 1 Bigantsoft 1 Bigant Im Message Server 2025-04-11 N/A
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
CVE-2010-4967 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.
CVE-2012-5317 1 Bigware 1 Bigware Shop 2025-04-11 N/A
SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.