Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4708 | 2 Maximo Cuadros, Typo3 | 2 Gb Fenewssubmit, Typo3 | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4712 | 1 Tukanas | 1 Easyclassifieds Script | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter. | |||||
| CVE-2009-4701 | 2 Liviu Mitrofan, Typo3 | 2 Myth Download, Typo3 | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4702 | 2 Markus Barchfeld, Typo3 | 2 Pm Tour, Typo3 | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4711 | 2 Jan Bednarik, Typo3 | 2 Cooluri, Typo3 | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | |||||
| CVE-2009-4703 | 1 Typo3 | 2 Typo3, Ws Gallery | 2010-03-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4691 | 1 Resalecode | 1 Classified Linktrader Script | 2010-03-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter. | |||||
| CVE-2009-4689 | 1 Resalecode | 1 Php Shopping Cart Selling Website Script | 2010-03-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2010-0763 | 1 Commodityrentals | 1 Vacation Rental Software | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action. | |||||
| CVE-2010-0802 | 2 Aleinbeen, Invision Power Services | 2 \(nv2\) Awards, Invision Power Board | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2010-0798 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0692 | 2 Iptechinside, Joomla | 2 Com Jquarks, Joomla\! | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0691 | 1 Jtl-software | 1 Jtl-shop | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2010-0710 | 1 Aspcodecms | 1 Aspcode Cms | 2010-02-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4650 | 2 Joomla, Onnogroen | 2 Joomla\!, Com Webeecomment | 2010-02-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0677 | 1 Katalog.hurricane | 1 Katalog Stron Hurricane | 2010-02-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter. | |||||
| CVE-2010-0673 | 2 Copperleaf, Wordpress | 2 Photolog, Wordpress | 2010-02-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||
| CVE-2010-0635 | 2 Jevents, Joomla | 2 Jevents Search Plugin, Joomla\! | 2010-02-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0631 | 1 Eicrasoft | 1 Eicra Car Rental-script | 2010-02-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters. | |||||
| CVE-2009-2439 | 1 Web Development House | 1 Alibaba Clone | 2010-02-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group. | |||||