Total
19025 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4938 | 2 Joomla, Warphd | 2 Joomla\!, Com Jvideo | 2025-04-11 | N/A |
| SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | ||||
| CVE-2010-4365 | 2 Harmistechnology, Joomla | 2 Com Jeajaxeventcalendar, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php. | ||||
| CVE-2009-4870 | 1 Phpcityportal | 1 Phpcityportal | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4798 | 1 Diskos | 1 Diskos Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature. | ||||
| CVE-2010-0471 | 1 Enanocms | 1 Enanocms | 2025-04-11 | N/A |
| SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2010-5024 | 1 Cutesite | 1 Cutesite Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5003 | 2 Autartica, Joomla | 2 Com Autartimonial, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1726 | 1 Alibabaclone | 1 Ec21 Clone | 2025-04-11 | N/A |
| SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-0140 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-11 | N/A |
| SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel. | ||||
| CVE-2012-3953 | 1 Phplist | 1 Phplist | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page. | ||||
| CVE-2012-2952 | 1 Jaow | 1 Jaow | 2025-04-11 | N/A |
| SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter. | ||||
| CVE-2012-1026 | 1 Johannes Ekberg | 1 Xray Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | ||||
| CVE-2011-5168 | 1 Bananadance | 1 Banana Dance | 2025-04-11 | N/A |
| SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2013-1748 | 1 Chatelao | 1 Php Address Book | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vector is already covered by CVE-2008-2565.2. | ||||
| CVE-2013-1163 | 1 Cisco | 1 Connected Grid Network Management System | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746. | ||||
| CVE-2010-0721 | 1 Systemsoftware | 1 Auktionshaus Gelb | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4935 | 1 Khader Abbeb | 1 Entrans | 2025-04-11 | N/A |
| SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2010-4940 | 1 Wanewsletter | 1 Wanewsletter | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4945 | 1 Joomla | 2 Com Camelcitydb2, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2010-4946 | 1 Allpcscript | 1 Allpc | 2025-04-11 | N/A |
| SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | ||||