Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19756 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19756 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-7301 1 Sclek 1 Jsite 2025-04-11 N/A
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1949 2 Emultisoft, Joomla 2 Com Jnewspaper, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2013-2627 1 Idleman 1 Leed 2025-04-11 N/A
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
CVE-2010-4936 2 Joomla, Webmaster-tips 2 Joomla\!, Com Slideshow 2025-04-11 N/A
SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-2016 1 Imagetraders 1 Iceberg Cms 2025-04-11 N/A
SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter.
CVE-2010-3922 1 Sixapart 1 Movabletype 2025-04-11 N/A
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5287 1 Cstech 1 Webconductor 2025-04-11 N/A
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-3601 1 Invisionpower 1 Ibphotohost 2025-04-11 N/A
SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arbitrary SQL commands via the img parameter.
CVE-2012-4971 1 Layton Technology 1 Helpbox 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) reqclass parameter to editrequestenduser.asp; the (2) sys_request_id parameter to editrequestuser.asp; the (3) sys_request_id parameter to enduseractions.asp; the (4) sys_request_id or (5) confirm parameter to enduserreopenrequeststatus.asp; the (6) searchsql, (7) back, or (8) status parameter to enduserrequests.asp; the (9) sys_userpwd parameter to validateenduserlogin.asp; the (10) sys_userpwd parameter to validateuserlogin.asp; the (11) sql parameter to editenduseruser.asp; the (12) sql parameter to manageenduserrequestclasses.asp; the (13) sql parameter to resetpwdenduser.asp; the (14) sql parameter to disableloginenduser.asp; the (15) sql parameter to deleteenduseruser.asp; the (16) sql parameter to manageendusers.asp; or the (17) site parameter to statsrequestagereport.asp.
CVE-2010-2092 1 Cacti 1 Cacti 2025-04-11 N/A
SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query.
CVE-2011-5145 1 Obm 1 Open Business Management 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id or (2) action parameter to obm.php; (3) tf_user parameter in a search action to group/group_index.php; (4) tf_delegation, (5) tf_ip, (6) tf_name to host/host_index.php; or (7) lang, (8) theme, (9) cal_alert, (10) cal_first_hour, (11) cal_interval, (12) cal_last_hour, (13) commentorder, (14) csv_sep, (15) date, (16) date_upd, (17) debug_exe, (18) debug_id, (19) debug_param, (20) debug_sess, (21) debug_solr, (22) debug_sql, (23) dsrc, (24) menu, (25) rows, (26) sel_display_days, (27) timeformat, (28) timezone, or (29) todo parameter to settings/settings_index.php.
CVE-2011-1061 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.
CVE-2011-1064 1 Qibosoft 1 Qi Bo Cms 2025-04-11 N/A
SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter.
CVE-2011-5091 1 Grboard 1 Grboard 2025-04-11 N/A
Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php.
CVE-2012-5766 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560.
CVE-2012-2962 1 Sonicwall 1 Scrutinizer 2025-04-11 N/A
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
CVE-2010-2254 2 Joomla, Shape5 2 Joomla\!, Bridge Of Hope Template 2025-04-11 N/A
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2011-1913 1 Mercator 1 Sentinel 2025-04-11 N/A
SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2325 1 Mybb 1 Mybb 2025-04-11 N/A
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2338 1 Johan Cwiklinski 1 Galette 2025-04-11 N/A
SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php.