Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0339 | 1 Typo3 | 2 Typo3, Vm19 Userlinks | 2025-04-11 | N/A |
| SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-0510 | 1 Awbs | 1 Advanced Webhost Billing System | 2025-04-11 | N/A |
| SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action. | ||||
| CVE-2010-0338 | 1 Typo3 | 2 Ttpedit, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-7092 | 1 Mcafee | 1 Email Gateway | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in /admin/cgi-bin/rpc/doReport/18 in McAfee Email Gateway 7.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) events_col, (2) event_id, (3) reason, (4) events_order, (5) emailstatus_order, or (6) emailstatus_col JSON keys. | ||||
| CVE-2010-1277 | 1 Zabbix | 1 Zabbix | 2025-04-11 | N/A |
| SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php. | ||||
| CVE-2010-4925 | 1 Nuked-klan | 2 Nuked-klan, Partenaires Module | 2025-04-11 | N/A |
| SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4915 | 1 Coldgen | 1 Coldbookmarks | 2025-04-11 | N/A |
| SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action. | ||||
| CVE-2010-4906 | 1 Zenphoto | 1 Zenphoto | 2025-04-11 | N/A |
| SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-5135 | 1 Docebo | 1 Docebolms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php. | ||||
| CVE-2010-2051 | 1 Debliteck | 1 Dbcart | 2025-04-11 | N/A |
| SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4897 | 1 Bluecms Project | 1 Bluecms | 2025-04-11 | N/A |
| SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | ||||
| CVE-2010-0337 | 1 Typo3 | 2 Dl3 Tt News Alerts, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0334 | 2 Francisco Cifuentes, Typo3 | 2 Vote For Tt News, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-2019 | 1 Bukulokomedia | 1 Lokomedia Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-4735 | 1 Ecommercemax | 1 Digital-goods Seller | 2025-04-11 | N/A |
| SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter. | ||||
| CVE-2011-4816 | 1 Ibm | 6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more | 2025-04-11 | N/A |
| SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4702 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1673 | 1 Ola Lasisi | 1 E-ticketing | 2025-04-11 | N/A |
| SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2010-0333 | 2 Matthias Graubner, Typo3 | 2 Mg Help, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||