Search Results (19856 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-5033 1 Fusebox 1 Fusebox 2025-04-11 N/A
SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter.
CVE-2010-0692 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2013-5589 3 Cacti, Debian, Opensuse 3 Cacti, Debian Linux, Opensuse 2025-04-11 N/A
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-7232 1 Esri 1 Arcgis Server 2025-04-11 N/A
SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service.
CVE-2013-5569 2 Heiko Sudar, Typo3 2 Slideshare, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0605 1 Osticket 1 Osticket 2025-04-11 N/A
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
CVE-2013-0684 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0469 1 Files2links 1 F2l 3000 Appliance 2025-04-11 N/A
SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and models, allows remote attackers to execute arbitrary SQL commands via unspecified parameters to the login page.
CVE-2012-5334 1 Preprojects 1 Pre Printing Press 2025-04-11 N/A
SQL injection vulnerability in product_desc.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2011-4559 1 Vtiger 1 Vtiger Crm 2025-04-11 N/A
SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php.
CVE-2010-2933 1 Avscripts 1 Av Arcade 2025-04-11 N/A
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task.
CVE-2010-4952 2 Joachim Ruhs, Typo3 2 Festat, Typo3 2025-04-11 N/A
SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-5367 1 Orangehrm 1 Orangehrm 2025-04-11 N/A
Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow remote authenticated administrators to execute arbitrary SQL commands via the sortField parameter to (1) viewCustomers, (2) viewPayGrades, or (3) viewSystemUsers in symfony/web/index.php/admin/, as demonstrated using cross-site request forgery (CSRF) attacks.
CVE-2010-4846 1 Mhproducts 1 Pay Pal Shop Digital 2025-04-11 N/A
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-4844 1 Mhproducts 1 Easy Online Shop 2025-04-11 N/A
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2010-4843 1 Phpwebscripts 1 Ad Manager Pro 2025-04-11 N/A
SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter.
CVE-2010-4842 1 Mhproducts 1 Download Center 2025-04-11 N/A
SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter. NOTE: some of these details are obtained from third party information.
CVE-2013-5121 1 Phpfox 1 Phpfox 2025-04-11 N/A
SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/.
CVE-2013-5091 1 Vtiger 1 Vtiger Crm 2025-04-11 N/A
SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might be a duplicate of CVE-2011-4559.
CVE-2012-1603 1 Nextbbs 1 Nextbbs 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function.