Export limit exceeded: 18944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4985 | 1 Websitesrus | 1 Accessories Me Php Affiliate Script | 2025-04-11 | N/A |
| SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter. | ||||
| CVE-2009-5088 | 1 Ideacart | 1 Ideacart | 2025-04-11 | N/A |
| SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter. | ||||
| CVE-2009-5090 | 1 Daman371 | 1 Bloggeruniverse | 2025-04-11 | N/A |
| SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors. | ||||
| CVE-2009-5091 | 1 Vlinks | 1 Vlinks | 2025-04-11 | N/A |
| SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-5094 | 1 Cmsfaethon | 1 Cms Faethon | 2025-04-11 | N/A |
| SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter. | ||||
| CVE-2009-5102 | 1 Atcom | 1 Netvolution | 2025-04-11 | N/A |
| SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter. | ||||
| CVE-2010-0720 | 1 Systemsoftware | 1 Erotik Auktionshaus | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-0115 | 1 Symantec | 2 Web Gateway, Web Gateway Appliance | 2025-04-11 | N/A |
| SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. | ||||
| CVE-2010-0122 | 1 Timeclock-software | 1 Employee Timeclock Software | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php. | ||||
| CVE-2010-0139 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | N/A |
| Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691. | ||||
| CVE-2010-0147 | 1 Cisco | 1 Security Agent | 2025-04-11 | N/A |
| SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0375 | 1 Jce-tech | 1 Php Calendars Script | 2025-04-11 | N/A |
| SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-0377 | 1 Phpmyspace | 1 Phpmyspace | 2025-04-11 | N/A |
| SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0400 | 1 Mahara | 1 Mahara | 2025-04-11 | N/A |
| SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username. | ||||
| CVE-2010-0404 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/. | ||||
| CVE-2010-0438 | 1 Otrs | 1 Otrs | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0454 | 1 Fabricadigital | 1 Publique\! | 2025-04-11 | N/A |
| SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publique! 2.3 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2010-0457 | 1 A3malnet | 1 Magic-portal | 2025-04-11 | N/A |
| SQL injection vulnerability in home.php in magic-portal 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-0458 | 1 Netartmedia | 1 Blog System | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php. | ||||
| CVE-2010-0459 | 2 Joomla, Yoflash | 2 Joomla\!, Com Mochigames | 2025-04-11 | N/A |
| SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||