Export limit exceeded: 18782 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18782 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6936 | 1 Mybb | 1 Ajax Forum Stat | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum stat (Ajaxfs) Plugin 2.0 for MyBB (aka MyBulletinBoard) allow remote attackers to execute arbitrary SQL commands via the (1) tooltip or (2) usertooltip parameter. | ||||
| CVE-2013-6985 | 1 Enorth | 1 Webpublisher Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth Webpublisher CMS, possibly 5.0 and earlier, allows remote attackers to execute arbitrary SQL commands via the thisday parameter. | ||||
| CVE-2010-5021 | 1 Cramerdev | 1 Document Library | 2025-04-11 | N/A |
| SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | ||||
| CVE-2010-5020 | 1 Netartmedia | 1 Iboutique | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2014-0080 | 1 Rubyonrails | 1 Rails | 2025-04-11 | N/A |
| SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x before 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote attackers to execute "add data" SQL commands via vectors involving \ (backslash) characters that are not properly handled in operations on array columns. | ||||
| CVE-2010-5019 | 1 2daybiz | 1 Online Classified Script | 2025-04-11 | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | ||||
| CVE-2014-1401 | 1 Auracms | 1 Auracms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php. | ||||
| CVE-2014-1466 | 1 Csp Mysql User Manager Project | 1 Csp Mysql User Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page. | ||||
| CVE-2014-1471 | 1 Otrs | 1 Otrs | 2025-04-11 | N/A |
| SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL. | ||||
| CVE-2010-5017 | 1 Eliteladders | 1 Elite Gaming Ladders | 2025-04-11 | N/A |
| SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | ||||
| CVE-2010-5016 | 1 Eliteladders | 1 Elite Gaming Ladders | 2025-04-11 | N/A |
| SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter. | ||||
| CVE-2010-5015 | 1 2daybiz | 1 Network Community Script | 2025-04-11 | N/A |
| SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | ||||
| CVE-2010-5014 | 1 Eliteladders | 1 Elite Gaming Ladders | 2025-04-11 | N/A |
| SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | ||||
| CVE-2010-5013 | 1 Mckenziecreations | 1 Virtual Real Estate Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | ||||
| CVE-2010-5011 | 1 Schoolmation | 1 Schoolmation | 2025-04-11 | N/A |
| SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | ||||
| CVE-2010-5009 | 1 Ut-files | 1 Utstats | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | ||||
| CVE-2010-5008 | 1 Denaliintranet | 1 Brightsuite Groupware | 2025-04-11 | N/A |
| SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter. | ||||
| CVE-2010-5006 | 1 Emophp | 1 Emo Realty Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter. | ||||
| CVE-2010-5004 | 1 2daybiz | 1 Polls Script | 2025-04-11 | N/A |
| SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2010-4876 | 1 Mblogger Project | 1 Mblogger | 2025-04-11 | N/A |
| SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter. | ||||