| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter. |
| SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter. |
| SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a read action. |
| SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action. |
| SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php. |
| Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp. |
| Multiple SQL injection vulnerabilities in index.php in Escon SupportPortal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) tid parameters. |
| SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter. |
| SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter. |
| SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter. |
| SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, allows remote authenticated users to execute arbitrary SQL commands via the original parameter. |
