Security Vulnerabilities, CVEs, Published In March 2011 (Sql injection) CVSS score >= 4
SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters."
Max CVSS
7.5
EPSS Score
0.26%
Published
2011-03-09
Updated
2017-08-17
Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php.
Max CVSS
7.5
EPSS Score
0.45%
Published
2011-03-07
Updated
2017-08-17
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.36%
Published
2011-03-14
Updated
2011-03-15
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-03-23
Updated
2017-08-17
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
Max CVSS
7.5
EPSS Score
0.12%
Published
2011-03-23
Updated
2011-03-24
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-03-23
Updated
2011-03-24
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
Max CVSS
7.5
EPSS Score
0.09%
Published
2011-03-23
Updated
2011-09-22
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
6.8
EPSS Score
0.14%
Published
2011-03-01
Updated
2017-08-17
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the id parameter in an edituser action, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485.
Max CVSS
6.0
EPSS Score
0.17%
Published
2011-03-01
Updated
2017-08-17
9 vulnerabilities found