| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter. |
| SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. |
| SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter. |
| SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. |
| Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action. |
| SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter. |
| SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. |
| SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions |
| SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. |
| SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. |
| SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter. |
| SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. |
| SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. |
| SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist. |
| SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php. |
| SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action to modules.php. |
