Search Results (19792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2403 1 Hp 1 Network Automation 2025-04-11 N/A
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-0726 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.
CVE-2010-0722 1 Mhproducts 1 Php Auktion Pro 2025-04-11 N/A
SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4727 1 Junglescripts 1 Ajax Short Url Script 2025-04-11 N/A
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2013-7094 1 Sap 1 Netweaver 2025-04-11 N/A
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5015 1 Symantec 2 Endpoint Protection Manager, Protection Center 2025-04-11 N/A
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1338 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2025-04-11 N/A
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.
CVE-2012-2236 1 Ryan Walberg 1 Php Gift Registry 2025-04-11 N/A
SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action.
CVE-2009-4730 1 X10media 1 Adult Script 2025-04-11 N/A
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0968 1 Geekhelps 1 Admp 2025-04-11 N/A
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter.
CVE-2012-6039 1 Yabsoft 1 Advanced Image Hosting Script 2025-04-11 N/A
SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2010-1522 2 Joomla, Ordasoft 2 Joomla\!, Com Booklibrary 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the bid[] parameter in a (1) lend_request or (2) save_lend_request action to index.php, the id parameter in a (3) mdownload or (4) downitsf action to index.php, or (5) the searchtext parameter in a search action to index.php.
CVE-2010-1521 1 Taskfreak 1 Taskfreak\! 2025-04-11 N/A
SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.
CVE-2010-1480 2 Joomla, Rockettheme 2 Joomla\!, Com Rokmodule 2025-04-11 N/A
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2014-1204 1 Tableausoftware 1 Tableau Server 2025-04-11 N/A
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
CVE-2010-3027 1 Tycoon 1 Baseball Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a game_player action.
CVE-2010-1365 1 Uiga 1 Fan Club 2025-04-11 N/A
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
CVE-2014-1206 1 Openwebanalytics 1 Open Web Analytics 2025-04-11 N/A
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
CVE-2011-2181 1 Reallysimplechat 1 Really Simple Chat 2025-04-11 N/A
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room parameter to base/admin/edit_room.php.
CVE-2010-0761 1 Commodityrentals 1 Books\/ebooks Rentals Script 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals Books/eBooks Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a gamecatalog action.