Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1557 | 1 Icloudcenter | 1 Icjobsite | 2011-04-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-4774 | 1 Auracms | 1 Auracms | 2011-03-24 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171. | |||||
| CVE-2010-4771 | 1 Matteoiammarrone | 1 S-cms | 2011-03-24 | 7.5 HIGH | N/A |
| SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-0432 | 1 Simon Pamies | 1 Pywebdav | 2011-03-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2011-03-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-5609 | 1 Typo3 | 2 Commerce Extension, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4657 | 1 Typo3 | 2 Econda Plugin, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4659 | 1 Typo3 | 2 Mannschaftsliste, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4171 | 1 Invision Power Services | 1 Invision Power Board | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-4658 | 1 Typo3 | 2 Jobcontrol, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4656 | 1 Typo3 | 2 Frontend Users View, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4655 | 1 Typo3 | 2 Simplesurvey, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-0825 | 1 Caroline | 1 Caroline | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-6168 | 1 Vu | 1 Case Manager | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-5951 | 1 E-vendejo | 1 0.2 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2011-03-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | |||||
| CVE-2005-4244 | 1 Snipegallery | 1 Snipe Gallery | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php. | |||||
| CVE-2005-4315 | 1 Nicplex | 1 Plexcart X3 | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the search function in Plexum PLEXCART X3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly involving the (1) s_itemname and (2) s_orderby parameters to plexcart.pl. | |||||
| CVE-2005-4263 | 1 Envolution | 1 Envolution | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter. | |||||
| CVE-2005-4228 | 1 Phpwebgallery | 1 Phpwebgallery | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php. NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier. | |||||