Export limit exceeded: 19371 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19371 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1210 | 1 Powie | 1 Pfile | 2025-04-11 | N/A |
| SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-2740 | 1 Phplist | 1 Phplist | 2025-04-11 | N/A |
| SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action. | ||||
| CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2025-04-11 | N/A |
| SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5063 | 1 Vwar | 1 Virtual War | 2025-04-11 | N/A |
| SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter. | ||||
| CVE-2010-2516 | 1 2daybiz | 1 Multi Level Marketing Software | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2011-1913 | 1 Mercator | 1 Sentinel | 2025-04-11 | N/A |
| SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-1915 | 1 Infor | 2 Eclient, Enspire Distribution Management Solution | 2025-04-11 | N/A |
| SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1234 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | N/A |
| SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234. | ||||
| CVE-2013-6985 | 1 Enorth | 1 Webpublisher Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in m_worklog/log_searchday.jsp in Enorth Webpublisher CMS, possibly 5.0 and earlier, allows remote attackers to execute arbitrary SQL commands via the thisday parameter. | ||||
| CVE-2010-5056 | 2 Gbu Grafici, Joomla | 2 Com Gbufacebook, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php. | ||||
| CVE-2010-5047 | 1 V-eva | 1 Press Release Script | 2025-04-11 | N/A |
| SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-6931 | 1 Cybozu | 1 Garoon | 2025-04-11 | N/A |
| SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929. | ||||
| CVE-2013-6930 | 1 Cybozu | 1 Garoon | 2025-04-11 | N/A |
| SQL injection vulnerability in the page-navigation implementation in Cybozu Garoon 2.0.0 through 2.0.6, 2.1.0 through 2.1.3, 2.5.0 through 2.5.4, 3.0.0 through 3.0.3, 3.5.0 through 3.5.5, and 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929. | ||||
| CVE-2013-6929 | 1 Cybozu | 1 Garoon | 2025-04-11 | N/A |
| SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input. | ||||
| CVE-2011-2149 | 1 Smartertools | 1 Smarterstats | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the SmarterTools SmarterStats 6.0 web server allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) Admin/frmSite.aspx, (2) Default.aspx, (3) Services/SiteAdmin.asmx, or (4) Client/frmViewReports.aspx; certain cookies to (5) Services/SiteAdmin.asmx or (6) login.aspx; the Referer HTTP header to (7) Services/SiteAdmin.asmx or (8) login.aspx; or (9) the User-Agent HTTP header to Services/SiteAdmin.asmx. | ||||
| CVE-2013-6873 | 1 Testa | 1 Online Test Management System | 2025-04-11 | N/A |
| SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the test_id parameter. | ||||
| CVE-2013-6869 | 1 Sap | 1 Netweaver | 2025-04-11 | N/A |
| SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-5044 | 2 Joomla, Kanich | 2 Joomla\!, Com Searchlog | 2025-04-11 | N/A |
| SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-5120 | 1 Phpfox | 1 Phpfox | 2025-04-11 | N/A |
| SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/. | ||||
| CVE-2013-5091 | 1 Vtiger | 1 Vtiger Crm | 2025-04-11 | N/A |
| SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might be a duplicate of CVE-2011-4559. | ||||