| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php. |
| SQL injection vulnerability in the cm_rdfexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter. |
| SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. |
| SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter. |
| SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. NOTE: this might be the same issue as CVE-2005-3572. |
| Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php. |
| SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). |
| SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php. |
| SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field. |
| Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. |
| SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. |
| SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute arbitrary SQL commands via the password field. |
| Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. |
