Search Results (19866 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4292 1 Moodle 1 Moodle 2025-04-11 N/A
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
CVE-2010-0762 1 Commodityrentals 1 Cd Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-1366 1 Uiga 1 Fan Club 2025-04-11 N/A
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters.
CVE-2010-1343 1 Bjsintay 1 Sitex 2025-04-11 N/A
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter.
CVE-2010-0763 1 Commodityrentals 1 Vacation Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action.
CVE-2010-1336 1 Invohost 1 Invohost 2025-04-11 N/A
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2716 1 Rich Kavanagh 1 Psnews 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.
CVE-2010-1331 1 Heartlogic 1 Hl-sitemanager 2025-04-11 N/A
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2011-4521 1 Advantech 1 Advantech Webaccess 2025-04-11 N/A
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input.
CVE-2010-1019 2 Sk-typo3, Typo3 2 Sk Simplegallery, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1027 2 Dietmar Schffer, Typo3 2 Travelmate, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1277 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.
CVE-2010-1269 1 Phpscripte24 1 Niedrig Gebote Pro Auktions System Ii 2025-04-11 N/A
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2010-1044 1 Manageengine 1 Oputils 2025-04-11 N/A
SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter.
CVE-2010-5034 1 Iscripts 1 Easybiller 2025-04-11 N/A
SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter.
CVE-2010-1047 1 Masa2el 1 Music City 2025-04-11 N/A
SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action.
CVE-2010-1053 1 Zentracking 1 Zen Time Tracking 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1070 1 Imagoscripts 1 Deviant Art Clone 2025-04-11 N/A
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action.
CVE-2011-4570 2 Joomla, Takeaweb 2 Joomla\!, Com Timereturns 2025-04-11 N/A
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php.
CVE-2010-1075 1 Entrylevelcms 1 El Cms 2025-04-11 N/A
SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to execute arbitrary SQL commands via the subj parameter.