Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5111 | 1 Kajianwebsite | 1 Cms Balitbang | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to (1) the data module in alumni.php; or the (2) lih_buku, (3) artikel, (4) album, or (5) berita module in index.php. | |||||
| CVE-2011-5103 | 1 Alurian | 1 Prismotube Video Script | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2011-5099 | 2 Chillcreations, Joomla | 2 Mod Ccnewsletter, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-5050 | 1 Elitecore | 1 Cyberoam Unified Threat Management | 2017-08-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-5039 | 1 Infoproject | 1 Biznis Heroj | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php. | |||||
| CVE-2011-5038 | 1 Hitcode | 1 Hitappoint | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-5031 | 1 Shilpisoft | 1 Capexweb | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalidatepassword in cApexWEB 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) dfuserid and (2) dfpassword parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-4946 | 1 E107 | 1 E107 | 2017-08-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter. | |||||
| CVE-2011-4921 | 1 E107 | 1 E107 | 2017-08-29 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2011-4847 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/. | |||||
| CVE-2011-4824 | 1 Cacti | 1 Cacti | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter. | |||||
| CVE-2011-4763 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files. | |||||
| CVE-2011-4753 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by domains/sitebuilder_edit.php and certain other files. | |||||
| CVE-2011-4674 | 1 Zabbix | 1 Zabbix | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter. | |||||
| CVE-2011-4673 | 2 Automattic, Wordpress | 2 Jetpack, Wordpress | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-4669 | 1 Wordpress | 2 Wordpress, Wordpress-users | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php. | |||||
| CVE-2011-4571 | 2 Eaimproved, Joomla | 2 Com Estateagent, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showEO action to index.php. | |||||
| CVE-2011-4570 | 2 Joomla, Takeaweb | 2 Joomla\!, Com Timereturns | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php. | |||||
| CVE-2011-4569 | 2 Mybb, Tom K | 2 Mybb, Forum Userbar Plugin | 2017-08-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter. | |||||
| CVE-2011-4460 | 1 Bestpractical | 1 Rt | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account. | |||||