Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4770 | 1 Commodityrentals | 1 Dvd Rentals Script | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action. | ||||
| CVE-2010-4639 | 1 Intendance | 1 Mysource Matrix | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4641 | 1 Xwiki | 1 Xwiki | 2025-04-11 | N/A |
| SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4774 | 1 Auracms | 1 Auracms | 2025-04-11 | N/A |
| SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171. | ||||
| CVE-2010-4696 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-4700 | 1 Php | 1 Php | 2025-04-11 | N/A |
| The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions. | ||||
| CVE-2010-4703 | 1 Hotwebscripts | 1 Hotweb Rentals | 2025-04-11 | N/A |
| SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-4619 | 1 Webscripti | 1 Mafya Oyun Scrpti | 2025-04-11 | N/A |
| SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4736 | 1 Gatesoft | 1 Docusafe | 2025-04-11 | N/A |
| SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4737 | 1 Hotwebscripts | 1 Hotweb Rentals | 2025-04-11 | N/A |
| SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter. | ||||
| CVE-2010-4739 | 2 Aretimes, Joomla | 2 Com Maianmedia, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php. | ||||
| CVE-2010-4612 | 1 Hycus | 1 Hycus Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1/hlogin.html, (4) useremail parameter to user/1/forgotpass.html, and the (5) q parameter to search/1.html. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-5288 | 1 Accomplishtechnology | 1 Phpmydirectory | 2025-04-11 | N/A |
| SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-5290 | 1 Wcs4web | 1 Easywebrealestate | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php. | ||||
| CVE-2012-5291 | 1 Possesports | 1 Posse Softball Director Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter. | ||||
| CVE-2012-5289 | 1 Plogger | 1 Plogger | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php. | ||||
| CVE-2012-5297 | 1 Mavili Guestbook Project | 1 Mavili Guestbook | 2025-04-11 | N/A |
| SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-5300 | 1 Mystorexpress | 1 Tienda Virtual | 2025-04-11 | N/A |
| SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2012-5317 | 1 Bigware | 1 Bigware Shop | 2025-04-11 | N/A |
| SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action. | ||||
| CVE-2010-2915 | 1 Ajsquare | 1 Aj Hyip | 2025-04-11 | N/A |
| SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||