Search Results (19855 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-5011 1 Schoolmation 1 Schoolmation 2025-04-11 N/A
SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter.
CVE-2012-5967 1 Merethis 1 Centreon 2025-04-11 N/A
SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter.
CVE-2010-5013 1 Mckenziecreations 1 Virtual Real Estate Manager 2025-04-11 N/A
SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter.
CVE-2010-0798 2 Snowflake, Typo3 2 T3blog, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5015 1 2daybiz 1 Network Community Script 2025-04-11 N/A
SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
CVE-2010-0803 2 Joomla, Jvideodirect 2 Joomla\!, Com Jvideodirect 2025-04-11 N/A
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php.
CVE-2010-1010 2 Matthias Kall, Typo3 2 Mk Wastebasket, Typo3 2025-04-11 N/A
SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4696 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4797 1 Truworthit 1 Flex Timesheet 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
CVE-2012-2684 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
CVE-2010-0956 1 Opencart 1 Opencart 2025-04-11 N/A
SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-1012 2 Mathias Schreiber, Typo3 2 Nf Cleandb, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5024 1 Cutesite 1 Cutesite Cms 2025-04-11 N/A
SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-5029 1 Codefabrik 1 Ecomat Cms 2025-04-11 N/A
SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action.
CVE-2010-2141 1 Nitropowered 1 Nitro Web Gallery 2025-04-11 N/A
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
CVE-2012-2324 1 Mybb 1 Mybb 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).
CVE-2012-4868 2 Joomla, Kunena 2 Joomla\!, Kunena 2025-04-11 N/A
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-5036 1 Iscripts 1 Eswap 2025-04-11 N/A
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2009-4680 1 Phpdirectorysource 1 Phpdirectorysource 2025-04-11 N/A
SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter.
CVE-2012-2007 1 Hp 1 Performance Insight 2025-04-11 N/A
SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.