Export limit exceeded: 18939 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18939 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2718 | 2 Drupal, Drupal-id | 2 Drupal, Counter Module | 2025-04-11 | N/A |
| SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits." | ||||
| CVE-2012-4178 | 1 Symantec | 1 Web Gateway | 2025-04-11 | N/A |
| SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. | ||||
| CVE-2012-2762 | 1 S9y | 1 Serendipity | 2025-04-11 | N/A |
| SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php. | ||||
| CVE-2010-2908 | 2 Joomdle, Joomla | 2 Com Joomdle, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail action to index.php. | ||||
| CVE-2010-2925 | 1 Openfreeway | 1 Freeway | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute arbitrary SQL commands via the ecPath parameter. | ||||
| CVE-2012-2171 | 1 Ibm | 18 Ds4100, Ds4200, Ds4300 and 15 more | 2025-04-11 | N/A |
| SQL injection vulnerability in ModuleServlet.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote authenticated users to execute arbitrary SQL commands via the selectedModuleOnly parameter in a state_viewmodulelog action to the ModuleServlet URI. | ||||
| CVE-2011-0646 | 1 Anserv | 1 Php Low Bids | 2025-04-11 | N/A |
| SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2010-2051 | 1 Debliteck | 1 Dbcart | 2025-04-11 | N/A |
| SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-2047 | 1 Joenasejes | 1 Je Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-0644 | 1 Phpcms | 1 Phpcms 2008 | 2025-04-11 | N/A |
| SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. | ||||
| CVE-2010-2044 | 2 Adhie Utomo, Joomla | 2 Com Konsultasi, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php. | ||||
| CVE-2010-2042 | 1 Shopex | 1 Ecshop | 2025-04-11 | N/A |
| SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2012 | 1 Sebrac.webcindario | 1 Migascms | 2025-04-11 | N/A |
| SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-2923 | 1 Hypermethod | 1 Elearning Server | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2010-1950 | 2 Emultisoft, Joomla | 2 Com Jnewspaper, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1949 | 2 Emultisoft, Joomla | 2 Com Jnewspaper, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-2925 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2025-04-11 | N/A |
| SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action. | ||||
| CVE-2012-4258 | 1 Myrephp | 1 Myre Real Estate Software | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php. | ||||
| CVE-2010-1873 | 2 Joomla, Jvehicles | 2 Joomla\!, Com Jvehicles | 2025-04-11 | N/A |
| SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1863 | 1 Clantiger | 1 Clantiger | 2025-04-11 | N/A |
| SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter. | ||||