Search Results (19868 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1010 2 Matthias Kall, Typo3 2 Mk Wastebasket, Typo3 2025-04-11 N/A
SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6869 1 Sap 1 Netweaver 2025-04-11 N/A
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6875 1 Nagios 1 Nagios Xi 2025-04-11 N/A
SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php.
CVE-2013-6929 1 Cybozu 1 Garoon 2025-04-11 N/A
SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input.
CVE-2011-4801 1 Authenex 1 Authenex Strong Authentication System Server 2025-04-11 N/A
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2012-3834 1 Alienvault 1 Open Source Security Information Management 2025-04-11 N/A
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.
CVE-2011-5050 1 Elitecore 1 Cyberoam Unified Threat Management 2025-04-11 N/A
SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1873 2 Joomla, Jvehicles 2 Joomla\!, Com Jvehicles 2025-04-11 N/A
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-5099 2 Chillcreations, Joomla 2 Mod Ccnewsletter, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-1342 1 Aimluck 2 Aipo, Aipo-asp 2025-04-11 N/A
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5062 1 Mh Products 1 Kleinanzeigenmarkt 2025-04-11 N/A
SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2010-5061 1 Rsstatic 1 Rsstatic 2025-04-11 N/A
SQL injection vulnerability in index.php in RSStatic allows remote attackers to execute arbitrary SQL commands via the maxarticles parameter.
CVE-2010-5059 1 Cmscout 1 Cmscout 2025-04-11 N/A
SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action.
CVE-2011-5113 2 Joomla, Techdeluge 2 Joomla\!, Com Techfolio 2025-04-11 N/A
SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2009-4968 2 Christian Ehmann, Typo3 2 Event Registr, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-5116 1 Setseed 1 Setseed Cms 2025-04-11 N/A
SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11.2, and earlier allows remote attackers to execute arbitrary SQL commands via the loggedInUser cookie.
CVE-2009-4966 2 Elemente, Typo3 2 Ast Addresszipsearch, Typo3 2025-04-11 N/A
SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-3350 1 Valarsoft 1 Webmatic 2025-04-11 N/A
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
CVE-2009-4954 2 Typo3, Websedit 2 Typo3, Sk Calendar 2025-04-11 N/A
SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0337 1 Cisco 1 Unified Meetingplace 2025-04-11 N/A
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.