Export limit exceeded: 19756 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19756 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4803 2 Bravenewcode, Wordpress 2 Wptouch, Wordpress 2025-04-11 N/A
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5212 1 Intelliants 1 Subrion Cms 2025-04-11 N/A
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
CVE-2011-5215 1 2daybiz 1 Video Community Portal Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5235 1 Mnogosearch 1 Mnogosearch 2025-04-11 N/A
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
CVE-2013-5673 2 Indianic, Wordpress 2 Testimonial Plugin, Wordpress 2025-04-11 N/A
SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php.
CVE-2011-4215 1 Oneorzero 1 Aims 2025-04-11 N/A
SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable.
CVE-2010-2095 1 Cmsqlite 1 Cmsqlite 2025-04-11 N/A
SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2011-4113 2 Drupal, Earl Miles 2 Drupal, Views 2025-04-11 N/A
SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments."
CVE-2012-0727 1 Ibm 6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more 2025-04-11 N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4743 2 Eos.pe, Zeroboard 2 Siche Search Module, Zeroboard 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) category parameters.
CVE-2013-5723 1 Sap 1 Netweaver 2025-04-11 N/A
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."
CVE-2010-3924 1 Aimluck 1 Aipo 2025-04-11 N/A
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-2181 1 Reallysimplechat 1 Really Simple Chat 2025-04-11 N/A
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room parameter to base/admin/edit_room.php.
CVE-2011-2141 1 Ibm 1 Datacap Taskmaster Capture 2025-04-11 N/A
SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4925 1 Imgpals 1 Img Pals Photo Host 2025-04-11 N/A
Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-1722 2 Typo3, Webempoweredchurch 2 Typo3, Wec Discussion 2025-04-11 N/A
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.
CVE-2012-4927 1 Limesurvey 1 Limesurvey 2025-04-11 N/A
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
CVE-2011-1667 1 Xmedien 1 Anzeigenmarkt 2025-04-11 N/A
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
CVE-2011-1555 1 Aphpkb 1 Aphpkb 2025-04-11 N/A
SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.3 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter, a different vulnerability than CVE-2011-1546. NOTE: some of these details are obtained from third party information.
CVE-2010-5059 1 Cmscout 1 Cmscout 2025-04-11 N/A
SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action.