Export limit exceeded: 357297 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19356 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-5139 | 1 Preprojects | 1 Business Cards Designer | 2025-04-11 | N/A |
| SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-3577 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field). | ||||
| CVE-2013-3578 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands. | ||||
| CVE-2010-1498 | 1 Clausvb | 1 Dl Stats | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. | ||||
| CVE-2012-1234 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | N/A |
| SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234. | ||||
| CVE-2011-3394 | 1 Myrephp | 1 Myre Real Estate Software | 2025-04-11 | N/A |
| SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2013-2627 | 1 Idleman | 1 Leed | 2025-04-11 | N/A |
| SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action. | ||||
| CVE-2011-1609 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. | ||||
| CVE-2010-0952 | 1 Insanevisions | 1 Onecms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action. | ||||
| CVE-2010-1050 | 1 Alexandre Dubus | 1 Audistat | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter. | ||||
| CVE-2010-0630 | 1 Evernewscripts | 1 Free Joke Script | 2025-04-11 | N/A |
| SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-0632 | 2 Joomla, Parkviewconsultants | 2 Joomla\!, Com Simplefaq | 2025-04-11 | N/A |
| SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php. | ||||
| CVE-2010-0698 | 1 Dynamicsoft | 1 Wsc Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0702 | 1 Netfortris | 1 Trixbox | 2025-04-11 | N/A |
| SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2011-5135 | 1 Docebo | 1 Docebolms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php. | ||||
| CVE-2013-7094 | 1 Sap | 1 Netweaver | 2025-04-11 | N/A |
| SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-7096 | 1 Sap | 1 Emr Unwired | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-7225 | 1 Fatfreecrm | 1 Fat Free Crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in app/controllers/home_controller.rb in Fat Free CRM before 0.12.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the homepage timeline feature or (2) the activity feature. | ||||
| CVE-2013-7232 | 1 Esri | 1 Arcgis Server | 2025-04-11 | N/A |
| SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service. | ||||
| CVE-2013-7262 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | N/A |
| SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter. | ||||