Total
18897 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2324 | 1 Mybb | 1 Mybb | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP). | ||||
| CVE-2012-3470 | 1 Ushahidi | 1 Ushahidi Platform | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to _get_countries functions. | ||||
| CVE-2012-2236 | 1 Ryan Walberg | 1 Php Gift Registry | 2025-04-11 | N/A |
| SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action. | ||||
| CVE-2010-1660 | 1 Clscript | 1 Clscript Classifieds Script | 2025-04-11 | N/A |
| SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter. | ||||
| CVE-2012-2086 | 1 Gajim | 1 Gajim | 2025-04-11 | N/A |
| SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter. | ||||
| CVE-2012-5098 | 1 J Waite | 1 Php-x-links | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php. | ||||
| CVE-2012-3395 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data. | ||||
| CVE-2011-1100 | 1 Pixelpost | 1 Pixelpost | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. | ||||
| CVE-2012-1780 | 1 Socialcms | 1 Socialcms | 2025-04-11 | N/A |
| SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2012-1777 | 1 F5 | 1 Firepass | 2025-04-11 | N/A |
| SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter. | ||||
| CVE-2010-0372 | 2 Hong Chuyen, Joomla | 2 Com Articlemanager, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php. | ||||
| CVE-2010-0373 | 1 Joomla | 2 Com Libros, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2013-6341 | 1 Dokeos | 1 Dokeos | 2025-04-11 | N/A |
| SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php. | ||||
| CVE-2010-0614 | 1 Myshell | 1 Evalsmsi | 2025-04-11 | N/A |
| SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions. | ||||
| CVE-2012-1626 | 2 Drupal, Karen Stevenson | 2 Drupal, Date | 2025-04-11 | N/A |
| SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-2716 | 1 Rich Kavanagh | 1 Psnews | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php. | ||||
| CVE-2010-0964 | 1 Media-products | 1 Eros Webkatalog | 2025-04-11 | N/A |
| SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | ||||
| CVE-2010-1521 | 1 Taskfreak | 1 Taskfreak\! | 2025-04-11 | N/A |
| SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php. | ||||
| CVE-2010-0968 | 1 Geekhelps | 1 Admp | 2025-04-11 | N/A |
| SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter. | ||||
| CVE-2010-0970 | 1 Jorik Berkepas | 1 Phpmylogon | 2025-04-11 | N/A |
| SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||