Total
19016 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1708 | 1 Freerealty.rwcinc | 1 Free Realty | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter). | ||||
| CVE-2010-1706 | 1 2daybiz | 1 Auction Script | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1702 | 1 Whmcs | 1 Whmcs | 2025-04-11 | N/A |
| SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | ||||
| CVE-2010-1661 | 1 Jcink | 1 Php-quick-arcade | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php. | ||||
| CVE-2010-2019 | 1 Bukulokomedia | 1 Lokomedia Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1660 | 1 Clscript | 1 Clscript Classifieds Script | 2025-04-11 | N/A |
| SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter. | ||||
| CVE-2010-1654 | 1 Instantrankingseo | 1 Infocus Real Estate | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4855 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core. | ||||
| CVE-2010-1265 | 2 Ekith, Joomla | 2 Com Dcs Flashgames, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2010-1615 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php. | ||||
| CVE-2010-1338 | 2 Robertotto, Woltlab | 2 Teamsite Hack Plugin, Burning Board | 2025-04-11 | N/A |
| SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action. | ||||
| CVE-2010-1346 | 1 Ribafs | 1 Mini Cms Ribafs | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2515 | 2 Dacian Strain, Joomla | 2 Com Jfaq, Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1359 | 2 Bluegate, Xt-commerce | 2 Direct Url, Xt-commerce | 2025-04-11 | N/A |
| SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1370 | 1 Preprojects | 1 Pre Classified Listings Asp | 2025-04-11 | N/A |
| SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | ||||
| CVE-2010-2510 | 1 2daybiz | 1 Web Template Software | 2025-04-11 | N/A |
| SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||||
| CVE-2010-2508 | 1 2daybiz | 1 Video Community Portal Script | 2025-04-11 | N/A |
| SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter. | ||||
| CVE-2010-2255 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | N/A |
| SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2317 | 1 Wmsdesign | 1 Wmscms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp. | ||||
| CVE-2010-2354 | 1 Pilotgroup | 1 Elms Pro | 2025-04-11 | N/A |
| SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter. | ||||