| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. |
| SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. |
| SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes. |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. |
| SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. |
| Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the tab parameter in a projects action, and (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in a viewuser action. |
| SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. |
| SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. |
| SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php. |
| SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. |
| SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to execute SQL commands and read table information via the id parameter. |
| SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields." |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. |
| SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. |
| SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter. |