Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1074 | 1 Typo3 | 2 Mm Whtppr, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the White Papers (mm_whtppr) extension 0.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-1210 | 1 Powie | 1 Pfile | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-2908 | 1 Viscacha | 1 Viscacha | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter. | |||||
| CVE-2012-1071 | 2 Mathieu Vidal, Typo3 | 2 Mv Cooking, Typo3 | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012. | |||||
| CVE-2012-0980 | 1 Phux | 1 Download Manager | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter. | |||||
| CVE-2012-2923 | 1 Hypermethod | 1 Elearning Server | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter. | |||||
| CVE-2012-1780 | 1 Socialcms | 1 Socialcms | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2012-1026 | 1 Johannes Ekberg | 1 Xray Cms | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | |||||
| CVE-2012-2171 | 1 Ibm | 18 Ds4100, Ds4200, Ds4300 and 15 more | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in ModuleServlet.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote authenticated users to execute arbitrary SQL commands via the selectedModuleOnly parameter in a state_viewmodulelog action to the ModuleServlet URI. | |||||
| CVE-2011-3988 | 1 Lockon | 1 Ec-cube | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5103 | 1 Alurian | 1 Prismotube Video Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2011-4113 | 2 Drupal, Earl Miles | 2 Drupal, Views | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments." | |||||
| CVE-2011-5218 | 1 Neubivljiv | 1 Dota Openstats | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | |||||
| CVE-2011-3989 | 1 Hiroyuki Oyama | 1 Dbd\ | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-5235 | 1 Mnogosearch | 1 Mnogosearch | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. | |||||
| CVE-2011-5215 | 1 2daybiz | 1 Video Community Portal Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-4674 | 1 Zabbix | 1 Zabbix | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter. | |||||
| CVE-2011-4847 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/. | |||||
| CVE-2011-5137 | 1 Tforum | 1 Tforum | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php. | |||||