| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields. |
| SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942. |
| Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. |
| SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. |
| SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action. |
| SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to index.php. |
| SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action. |
| SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action. |
| SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. |
| SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the role parameter, a different vulnerability than CVE-2010-2577. |
| SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch. |
| SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php. |
| SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter. |
