Export limit exceeded: 18779 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18779 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5101 | 2 Jextensions, Joomla | 2 Je Poll Component, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-5162 | 1 Osclass | 1 Osclass | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php. | ||||
| CVE-2013-3404 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051. | ||||
| CVE-2013-3412 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766. | ||||
| CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | ||||
| CVE-2013-3510 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote authenticated users to execute arbitrary SQL commands via (1) nedi/html/System-Export.php, (2) nedi/html/Devices-List.php, or (3) the Noma component. | ||||
| CVE-2013-3523 | 1 Gajennings | 1 This | 2025-04-11 | N/A |
| SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbitrary SQL commands via vectors related to op=page&id= in the URL. | ||||
| CVE-2013-3524 | 1 Simpilotgroup | 1 Pop Up News | 2025-04-11 | N/A |
| SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS. | ||||
| CVE-2013-3525 | 1 Bestpractical | 1 Request Tracker | 2025-04-11 | N/A |
| SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims. | ||||
| CVE-2013-3527 | 1 Vanillaforums | 1 Vanilla | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest. | ||||
| CVE-2013-3530 | 2 Fabricio Zuardi, Wordpress | 2 Xspf Player Plugin, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | ||||
| CVE-2013-3531 | 1 Radiocms | 1 Radiocms | 2025-04-11 | N/A |
| SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | ||||
| CVE-2013-3532 | 2 Webdorado, Wordpress | 2 Spider Video Player, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter. | ||||
| CVE-2013-3533 | 1 Virtualaccess | 1 Virtual Access Monitor | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10.17 and earlier allow attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-3536 | 1 Whmcs | 2 Group Pay, Whmcs | 2025-04-11 | N/A |
| SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter. | ||||
| CVE-2013-3537 | 1 Wesley Destailleur | 1 Todoo Forum | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_post or (2) pg parameter. | ||||
| CVE-2013-3577 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field). | ||||
| CVE-2013-3578 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands. | ||||
| CVE-2013-3602 | 1 Trivantis | 1 Coursemill Learning Management System | 2025-04-11 | N/A |
| SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter. | ||||
| CVE-2013-3721 | 1 Psychostats | 1 Psychostats | 2025-04-11 | N/A |
| SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | ||||