Export limit exceeded: 18940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18940 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3531 | 1 Radiocms | 1 Radiocms | 2025-04-11 | N/A |
| SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | ||||
| CVE-2013-3532 | 2 Webdorado, Wordpress | 2 Spider Video Player, Wordpress | 2025-04-11 | N/A |
| SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter. | ||||
| CVE-2013-3533 | 1 Virtualaccess | 1 Virtual Access Monitor | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10.17 and earlier allow attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-3536 | 1 Whmcs | 2 Group Pay, Whmcs | 2025-04-11 | N/A |
| SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter. | ||||
| CVE-2013-3537 | 1 Wesley Destailleur | 1 Todoo Forum | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_post or (2) pg parameter. | ||||
| CVE-2013-3577 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field). | ||||
| CVE-2013-3578 | 1 Wave | 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk | 2025-04-11 | N/A |
| SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands. | ||||
| CVE-2013-3602 | 1 Trivantis | 1 Coursemill Learning Management System | 2025-04-11 | N/A |
| SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter. | ||||
| CVE-2009-4784 | 2 Joaktree, Joomla | 2 Com Joaktree, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | ||||
| CVE-2013-3721 | 1 Psychostats | 1 Psychostats | 2025-04-11 | N/A |
| SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | ||||
| CVE-2009-4783 | 1 Mntechsolutions | 1 Theeta Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php. | ||||
| CVE-2009-4751 | 1 Phppower | 1 Swinger Club Portal | 2025-04-11 | N/A |
| SQL injection vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | ||||
| CVE-2009-4749 | 1 Phplivesupport | 1 Php Live\! | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php. | ||||
| CVE-2009-4745 | 1 Dreamlevels | 1 Dreampoll | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action. | ||||
| CVE-2013-3973 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4734 | 1 Allomani | 1 Movies Library | 2025-04-11 | N/A |
| SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | ||||
| CVE-2013-4137 | 1 Status | 1 Statusnet | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format." | ||||
| CVE-2013-6058 | 1 Apprain | 1 Apprain | 2025-04-11 | N/A |
| SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/. | ||||
| CVE-2013-6164 | 1 Projeqtor | 1 Projeqtor | 2025-04-11 | N/A |
| SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter. | ||||
| CVE-2013-6172 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code. | ||||