Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4166 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php. | ||||
| CVE-2010-4152 | 1 4site | 1 4site Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646. | ||||
| CVE-2010-4151 | 1 Deluxebb | 1 Deluxebb | 2025-04-11 | N/A |
| SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033. | ||||
| CVE-2010-4147 | 1 Avactis | 1 Avactis Shopping Cart | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php. | ||||
| CVE-2010-4144 | 1 Aspindir | 1 Kisisel Radyo Script | 2025-04-11 | N/A |
| SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter. | ||||
| CVE-2010-4143 | 1 Phpcheckz | 1 Phpcheckz | 2025-04-11 | N/A |
| SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-4006 | 2 Wsn, Wsnlinks | 3 Links, Wsn Links, Wsn Links | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter. | ||||
| CVE-2010-3428 | 1 Intermesh | 1 Group-office | 2025-04-11 | N/A |
| SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a category action. | ||||
| CVE-2010-3423 | 2 Drupal, Freka | 2 Drupal, Yr Verdata | 2025-04-11 | N/A |
| SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method. | ||||
| CVE-2010-3422 | 2 Joomla, Solventus | 2 Joomla\!, Com Jgen | 2025-04-11 | N/A |
| SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| CVE-2010-3404 | 1 Eshtery.she7ata | 1 Eshtery Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx. | ||||
| CVE-2010-3267 | 1 Ifdefined | 1 Bugtracker.net | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3212 | 1 Seagullproject.org | 1 Seagull | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO. | ||||
| CVE-2010-3211 | 2 Jextn, Joomla | 2 Com Jefaqpro, Joomla\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action. | ||||
| CVE-2010-3207 | 1 Galeriashqip | 1 Galeriashqip | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3188 | 1 Ifdefined | 1 Bugtracker.net | 2025-04-11 | N/A |
| SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page. | ||||
| CVE-2010-2916 | 1 Ajsquare | 1 Aj Hyip | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-2915 | 1 Ajsquare | 1 Aj Hyip | 2025-04-11 | N/A |
| SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-2912 | 1 Kayako | 1 Esupport | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. | ||||
| CVE-2010-2911 | 1 Kayako | 1 Esupport | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. | ||||