Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3961 | 1 Abeel | 1 Simple Php Agenda | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in edit_event.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter. | |||||
| CVE-2013-3531 | 1 Radiocms | 1 Radiocms | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | |||||
| CVE-2013-5310 | 2 Mauro Lorenzutti, Typo3 | 2 Wfqbe, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-6302 | 1 Ibm | 1 Algo One | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6331. | |||||
| CVE-2013-5322 | 2 Jan Bednarik, Typo3 | 2 Cooluri, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-4681 | 2 Michael Staatz, Typo3 | 2 Sofortueberweisung2commerce, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-4879 | 1 Bigtreecms | 1 Bigtree Cms | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. | |||||
| CVE-2012-5101 | 2 Jextensions, Joomla | 2 Je Poll Component, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-4990 | 1 Openx | 1 Openx | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action. | |||||
| CVE-2012-4951 | 1 Verifone | 1 Vericentre Web Console | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter. | |||||
| CVE-2012-5000 | 2 Blueteck, Dzcp | 2 Witze Addon, Dev\!l\'z Clanportal | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | |||||
| CVE-2012-5333 | 1 Preprojects | 1 Pre Printing Press | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-5861 | 1 Sinapsitech | 4 Esolar Duo Photovoltaic System Monitor, Esolar Light Photovoltaic System Monitor, Esolar Photovoltaic System Monitor and 1 more | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 allow remote attackers to execute arbitrary SQL commands via (1) the inverterselect parameter in a primo action to dettagliinverter.php or (2) the lingua parameter to changelanguagesession.php. | |||||
| CVE-2012-5910 | 1 B2evolution | 1 B2evolution | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter. | |||||
| CVE-2012-5766 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560. | |||||
| CVE-2012-4994 | 1 Limesurvey | 1 Limesurvey | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in admin/admin.php in LimeSurvey before 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-6526 | 1 Vastal | 1 Freelance Zone | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter. | |||||
| CVE-2012-5227 | 1 Peel | 1 Peel Shopping | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-6524 | 1 Powie | 1 Pgb | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-6626 | 1 Brian Cabunac | 1 Browser To Email Phone Message System | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote attackers to execute arbitrary SQL commands via the username field. | |||||