| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. NOTE: some of these details are obtained from third party information. |
| Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. |
| SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. |
| SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. |
| SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter. |
| SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. |
| SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action. |
| SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. |
| SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter. |
| Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp. |
| Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp. |
| SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. |
