Export limit exceeded: 348919 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18923 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-5212 | 1 Intelliants | 1 Subrion Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field. | ||||
| CVE-2013-6875 | 1 Nagios | 1 Nagios Xi | 2025-04-11 | N/A |
| SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php. | ||||
| CVE-2012-3477 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | N/A |
| SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action. | ||||
| CVE-2012-4279 | 1 Rwcinc | 1 Free Realty | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php. | ||||
| CVE-2012-5098 | 1 J Waite | 1 Php-x-links | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php. | ||||
| CVE-2013-6873 | 1 Testa | 1 Online Test Management System | 2025-04-11 | N/A |
| SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the test_id parameter. | ||||
| CVE-2011-4638 | 1 Spamtitan | 1 Webtitan | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the (2) bldomain, (3) wldomain, or (4) temid parameter to urls-x.php. | ||||
| CVE-2011-4710 | 2 Getpixie, Lucidcrew | 2 Pixie, Pixie | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the (1) pixie_user parameter and (2) Referer HTTP header in a request to the default URI. | ||||
| CVE-2012-4260 | 1 Hccgmbh | 1 Mycare2x | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/mycare2x_importer.php; (5) myOpsEintrag or (6) keyword parameter in a Suchen action to modules/drg/mycare2x_proc_search.php; or (7) name_last or (8) pid parameter to modules/patient/mycare_pid.php. | ||||
| CVE-2012-4673 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | N/A |
| SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list_items function, a different vulnerability than CVE-2012-3477. | ||||
| CVE-2012-4261 | 1 Hccgmbh | 1 Mycare2x | 2025-04-11 | N/A |
| SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote attackers to execute arbitrary SQL commands via the lang parameter. | ||||
| CVE-2013-1613 | 1 Symantec | 2 Security Information Manager, Security Information Manager Appliance | 2025-04-11 | N/A |
| SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-4601 | 1 Tecnick | 1 Tcexam | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php. | ||||
| CVE-2011-4725 | 3 Microsoft, Parallels, Redhat | 3 Windows, Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files. | ||||
| CVE-2011-5203 | 1 Akiva | 1 Webboard | 2025-04-11 | N/A |
| SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-5201 | 1 Steveyolam | 1 Tinyguestbook | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-5200 | 1 Dedecms | 1 Dedecms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php. | ||||
| CVE-2011-5198 | 1 Neturf | 1 Ecommerce Shopping Cart | 2025-04-11 | N/A |
| SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-6839 | 1 Instantsoft | 1 Instantcms | 2025-04-11 | N/A |
| SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and earlier allows remote attackers to execute arbitrary SQL commands via the orderby parameter to catalog/[id]. | ||||
| CVE-2012-4282 | 1 Toocharger | 1 Trombinoscope | 2025-04-11 | N/A |
| SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||