Export limit exceeded: 18908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4938 | 2 Joomla, Warphd | 2 Joomla\!, Com Jvideo | 2025-04-11 | N/A |
| SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | ||||
| CVE-2011-2703 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support. | ||||
| CVE-2010-4906 | 1 Zenphoto | 1 Zenphoto | 2025-04-11 | N/A |
| SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-4802 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php. | ||||
| CVE-2011-4811 | 1 Bst | 1 Bestshoppro | 2025-04-11 | N/A |
| SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter. | ||||
| CVE-2012-1022 | 1 4homepages | 1 4images | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action. | ||||
| CVE-2010-5011 | 1 Schoolmation | 1 Schoolmation | 2025-04-11 | N/A |
| SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | ||||
| CVE-2012-6039 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2025-04-11 | N/A |
| SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter. | ||||
| CVE-2010-5021 | 1 Cramerdev | 1 Document Library | 2025-04-11 | N/A |
| SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | ||||
| CVE-2014-0728 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313. | ||||
| CVE-2010-5023 | 1 Cramerdev | 1 Digital Interchange Calendar | 2025-04-11 | N/A |
| SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | ||||
| CVE-2010-5026 | 1 Sfiab | 1 Science Fair In A Box | 2025-04-11 | N/A |
| SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5033 | 1 Fusebox | 1 Fusebox | 2025-04-11 | N/A |
| SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter. | ||||
| CVE-2010-5037 | 1 Michau Enterprises | 1 Sensesites Commonsense Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | ||||
| CVE-2010-5039 | 1 Scriptsfeed | 1 Recipes Listing Portal | 2025-04-11 | N/A |
| SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-1934 | 1 Sourcefabric | 1 Newscoop | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter. | ||||
| CVE-2010-5029 | 1 Codefabrik | 1 Ecomat Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | ||||
| CVE-2013-6936 | 1 Mybb | 1 Ajax Forum Stat | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum stat (Ajaxfs) Plugin 2.0 for MyBB (aka MyBulletinBoard) allow remote attackers to execute arbitrary SQL commands via the (1) tooltip or (2) usertooltip parameter. | ||||
| CVE-2010-4006 | 2 Wsn, Wsnlinks | 3 Links, Wsn Links, Wsn Links | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter. | ||||
| CVE-2011-2751 | 1 Parodia | 1 Parodia | 2025-04-11 | N/A |
| SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||