Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2622 | 2 Joomanager, Joomla | 2 Joomanager, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2009-4615 | 1 Myrephp | 1 Myre Holiday Rental Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in review.php in MYRE Holiday Rental Manager allows remote attackers to execute arbitrary SQL commands via the link_id parameter in a show_review action. | ||||
| CVE-2011-2688 | 3 Apache, Debian, Mod Authnz External Project | 3 Http Server, Debian Linux, Mod Authnz External | 2025-04-11 | N/A |
| SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field. | ||||
| CVE-2011-4569 | 2 Mybb, Tom K | 2 Mybb, Forum Userbar Plugin | 2025-04-11 | N/A |
| SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter. | ||||
| CVE-2010-2616 | 1 Paul Mcenery | 1 Php Bible Search | 2025-04-11 | N/A |
| SQL injection vulnerability in bible.php in PHP Bible Search, probably 0.99, allows remote attackers to execute arbitrary SQL commands via the chapter parameter. | ||||
| CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2025-04-11 | N/A |
| SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | ||||
| CVE-2013-3524 | 1 Simpilotgroup | 1 Pop Up News | 2025-04-11 | N/A |
| SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS. | ||||
| CVE-2010-2614 | 1 Grafik-power | 1 Grafik Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit_page action. | ||||
| CVE-2010-2577 | 1 Pligg | 1 Pligg Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbitrary SQL commands via the title parameter to (1) storyrss.php or (2) story.php. | ||||
| CVE-2010-2516 | 1 2daybiz | 1 Multi Level Marketing Software | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-2508 | 1 2daybiz | 1 Video Community Portal Script | 2025-04-11 | N/A |
| SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter. | ||||
| CVE-2009-4015 | 1 Debian | 1 Lintian | 2025-04-11 | N/A |
| Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments. | ||||
| CVE-2010-1743 | 1 Satyadeep | 1 Scratcher | 2025-04-11 | N/A |
| SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-3522 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter. | ||||
| CVE-2010-2510 | 1 2daybiz | 1 Web Template Software | 2025-04-11 | N/A |
| SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||||
| CVE-2012-5909 | 1 Mybb | 1 Mybb | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to execute arbitrary SQL commands via the conditions[usergroup][] parameter in a search action to admin/index.php. | ||||
| CVE-2014-0728 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313. | ||||
| CVE-2013-3525 | 1 Bestpractical | 1 Request Tracker | 2025-04-11 | N/A |
| SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims. | ||||
| CVE-2010-2511 | 1 2daybiz | 1 Multi Level Marketing Software | 2025-04-11 | N/A |
| SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter. | ||||
| CVE-2010-2460 | 1 Jce-tech | 1 Shareasale Script | 2025-04-11 | N/A |
| SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter. | ||||