Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2740 | 1 Phplist | 1 Phplist | 2025-04-11 | N/A |
| SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action. | ||||
| CVE-2012-2762 | 1 S9y | 1 Serendipity | 2025-04-11 | N/A |
| SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php. | ||||
| CVE-2012-2908 | 1 Viscacha | 1 Viscacha | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter. | ||||
| CVE-2012-2923 | 1 Hypermethod | 1 Elearning Server | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2012-2925 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2025-04-11 | N/A |
| SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action. | ||||
| CVE-2012-2937 | 1 Pligg | 1 Pligg Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) list parameter in a move action to admin/admin_index.php, (2) display parameter in a minimize action to admin/admin_index.php, (3) enabled[] parameter to admin/admin_users.php, or (4) msg_id to the module.php in the simple_messaging module. | ||||
| CVE-2012-2952 | 1 Jaow | 1 Jaow | 2025-04-11 | N/A |
| SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter. | ||||
| CVE-2012-2961 | 1 Symantec | 1 Web Gateway | 2025-04-11 | N/A |
| SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-2962 | 1 Sonicwall | 1 Scrutinizer | 2025-04-11 | N/A |
| SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2012-2998 | 1 Trend Micro | 1 Control Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-3000 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Analytics, Big-ip Application Security Manager and 7 more | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter. | ||||
| CVE-2012-3791 | 1 Cms-center | 1 Simple Web Content Management System | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in admin/; or (6) status parameter to admin/item_status.php. | ||||
| CVE-2012-3834 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-11 | N/A |
| SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter. | ||||
| CVE-2012-3839 | 1 Myclientbase | 1 Myclientbase | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search. | ||||
| CVE-2012-3873 | 1 Openconstructor Project | 1 Openconstructor | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) data/gallery/edit.php, (2) data/guestbook/edit.php, (3) data/file/edit.php, (4) data/htmltext/edit.php, (5) data/publication/edit.php, or (6) data/event/edit.php. | ||||
| CVE-2012-3881 | 1 Adrian Chadd | 2 Rtg, Rtg2 | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php. | ||||
| CVE-2012-4601 | 1 Tecnick | 1 Tcexam | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php. | ||||
| CVE-2012-4673 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | N/A |
| SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list_items function, a different vulnerability than CVE-2012-3477. | ||||
| CVE-2012-4686 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | N/A |
| SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter. | ||||
| CVE-2012-4743 | 2 Eos.pe, Zeroboard | 2 Siche Search Module, Zeroboard | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) category parameters. | ||||