Export limit exceeded: 346641 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 34935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1359 | 2 Bluegate, Xt-commerce | 2 Direct Url, Xt-commerce | 2025-04-11 | N/A |
| SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1350 | 2 Joomla, Joomlaprojects | 2 Joomla\!, Com Jp Jobs | 2025-04-11 | N/A |
| SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2010-1346 | 1 Ribafs | 1 Mini Cms Ribafs | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1344 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | ||||
| CVE-2010-1343 | 1 Bjsintay | 1 Sitex | 2025-04-11 | N/A |
| SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | ||||
| CVE-2010-1341 | 1 Systemsoftware | 1 Community Black Forum | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. | ||||
| CVE-2010-1338 | 2 Robertotto, Woltlab | 2 Teamsite Hack Plugin, Burning Board | 2025-04-11 | N/A |
| SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action. | ||||
| CVE-2010-1336 | 1 Invohost | 1 Invohost | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1331 | 1 Heartlogic | 1 Hl-sitemanager | 2025-04-11 | N/A |
| SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2010-1327 | 1 Tornadostore | 1 Tornadostore | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3. | ||||
| CVE-2010-1301 | 1 Merethis | 1 Centreon | 2025-04-11 | N/A |
| SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter. | ||||
| CVE-2010-1300 | 1 Yamamah | 1 Yamamah | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter. | ||||
| CVE-2012-6520 | 1 Wikidforum | 1 Wikidforum | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. NOTE: this issue could not be reproduced by third parties. | ||||
| CVE-2012-6524 | 1 Powie | 1 Pgb | 2025-04-11 | N/A |
| SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-6526 | 1 Vastal | 1 Freelance Zone | 2025-04-11 | N/A |
| SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter. | ||||
| CVE-2010-1277 | 1 Zabbix | 1 Zabbix | 2025-04-11 | N/A |
| SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php. | ||||
| CVE-2012-6529 | 1 Marinet | 1 Marinet Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter to (3) room.php or (4) room2.php. | ||||
| CVE-2013-0155 | 5 Cloudforms Cloudengine, Debian, Redhat and 2 more | 6 1, Debian Linux, Openshift and 3 more | 2025-04-11 | N/A |
| Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694. | ||||
| CVE-2010-1271 | 1 Smart-plugs | 1 Smartplugs | 2025-04-11 | N/A |
| SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | ||||
| CVE-2010-1270 | 1 Phpscripte24 | 1 Multi Suktions Komplett System | 2025-04-11 | N/A |
| SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | ||||