Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1480 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokmodule | 2010-06-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4784 | 2 Joaktree, Joomla | 2 Com Joaktree, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php. | |||||
| CVE-2009-4785 | 2 Bhavesh Chauhan, Joomla | 2 Com Quicknews, Joomla\! | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php. | |||||
| CVE-2010-2139 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2140 | 1 Multishopcms | 1 Multishop Cms | 2010-06-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2095 | 1 Cmsqlite | 1 Cmsqlite | 2010-05-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2009-4803 | 2 Andreas Schwarzkopf, Typo3 | 2 Accessibility Glossary, Typo3 | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-2051 | 1 Debliteck | 1 Dbcart | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-2042 | 1 Shopex | 1 Ecshop | 2010-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2019 | 1 Bukulokomedia | 1 Lokomedia Cms | 2010-05-24 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2015 | 1 Createch-group | 1 Lisk Cms | 2010-05-24 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php. | |||||
| CVE-2010-2012 | 1 Sebrac.webcindario | 1 Migascms | 2010-05-24 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1950 | 2 Emultisoft, Joomla | 2 Com Jnewspaper, Joomla\! | 2010-05-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1949 | 2 Emultisoft, Joomla | 2 Com Jnewspaper, Joomla\! | 2010-05-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1925 | 1 Rifat Kurban | 1 Tekno.portal | 2010-05-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-2817. | |||||
| CVE-2010-1918 | 1 Efrontlearning | 1 Efront | 2010-05-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter. | |||||
| CVE-2009-4375 | 1 Alienvault | 1 Open Source Security Information Management | 2010-05-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | |||||
| CVE-2010-1859 | 1 Deluxebb | 1 Deluxebb | 2010-05-10 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread. | |||||
| CVE-2010-1863 | 1 Clantiger | 1 Clantiger | 2010-05-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter. | |||||
| CVE-2010-1705 | 1 Rocky.nu | 1 Modelbook | 2010-05-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter. | |||||