| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905. |
| Multiple SQL injection vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) YourEmail and (2) VerificationNumber parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter. |
| Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php. |
| SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. |
| SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. |
| SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. |
| SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. |
| SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action. |
| SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields. |
| Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. |
| SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via iCalendar data. |
| SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. |
| SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query. |
| SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php. |
