Search Results (19863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4279 1 Rwcinc 1 Free Realty 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
CVE-2012-4414 2 Mariadb, Oracle 2 Mariadb, Mysql 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
CVE-2010-2051 1 Debliteck 1 Dbcart 2025-04-11 N/A
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5162 1 Osclass 1 Osclass 2025-04-11 N/A
Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php.
CVE-2012-5167 1 Atutor 1 Acontent 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to user/user_password.php.
CVE-2010-2635 1 Ibm 1 Websphere Commerce 2025-04-11 N/A
SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages."
CVE-2010-2672 1 Ez 1 Ez Publish 2025-04-11 N/A
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.
CVE-2012-5766 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560.
CVE-2010-2683 1 Customerparadigm 1 Pagedirector Cms 2025-04-11 N/A
SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter.
CVE-2010-2684 1 Customerparadigm 1 Pagedirector Cms 2025-04-11 N/A
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0762 1 Commodityrentals 1 Cd Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-0763 1 Commodityrentals 1 Vacation Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action.
CVE-2010-2716 1 Rich Kavanagh 1 Psnews 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.
CVE-2012-5967 1 Merethis 1 Centreon 2025-04-11 N/A
SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter.
CVE-2010-1009 2 Joachim-ruhs, Typo3 2 Educator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4687 1 Hypersilence 1 Silentum Guestbook 2025-04-11 N/A
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
CVE-2009-4695 1 Radscripts 1 Radlance 2025-04-11 N/A
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
CVE-2009-4696 1 Radscripts 1 Radnics 2025-04-11 N/A
SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
CVE-2009-4709 2 Dirk Maiwert, Typo3 2 Datamints Newsticker, Typo3 2025-04-11 N/A
SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4701 2 Liviu Mitrofan, Typo3 2 Myth Download, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.