| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php. |
| SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _authors_list.php, (2) _blogs_list.php, (3) _category_list.php, (4) _comments_list.php, (5) _policy_list.php, (6) _rate_list.php, (7) categoriesblogs_list.php, (8) chosen_authors_list.php, (9) chosen_blogs_list.php, (10) chosen_comments_list.php, and (11) help_list.php in blogs/. |
| SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php. |
| SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11.2, and earlier allows remote attackers to execute arbitrary SQL commands via the loggedInUser cookie. |
| Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php. |
| SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWall ViewPoint 6.0 SP2 allows remote attackers to execute arbitrary SQL commands via the scheduleID parameter. |
| SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the boxToReload parameter. |
| SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via a malformed URL. |
| Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attackers to execute arbitrary SQL commands via crafted string input. |
| Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939. |
| Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. |
| CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored. |
| SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php. |
| SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal (DZCP) 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php. |
| SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action. |
