SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.13%
Published
2011-10-05
Updated
2017-08-29
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."
Max CVSS
7.5
EPSS Score
0.12%
Published
2011-10-05
Updated
2012-05-14
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2011-09-12
Updated
2017-09-19
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors.
Max CVSS
6.8
EPSS Score
0.06%
Published
2011-09-12
Updated
2017-09-19
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-09-12
Updated
2017-09-19
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-09-12
Updated
2017-09-19
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2011-10-21
Updated
2012-05-14
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.
Max CVSS
7.5
EPSS Score
1.29%
Published
2011-01-14
Updated
2017-08-17
Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Processing. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this is SQL injection in rsynclogdird involving improper escaping of UTF-8 characters while processing log files.
Max CVSS
6.4
EPSS Score
3.76%
Published
2011-01-19
Updated
2017-08-17
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.35%
Published
2011-01-13
Updated
2017-08-17
SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.
Max CVSS
7.5
EPSS Score
0.23%
Published
2011-02-02
Updated
2017-08-17
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php.
Max CVSS
7.5
EPSS Score
2.51%
Published
2011-01-18
Updated
2018-08-13
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.29%
Published
2011-05-09
Updated
2011-05-27
Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.45%
Published
2011-01-07
Updated
2017-08-17
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.13%
Published
2011-01-18
Updated
2011-07-19
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
Max CVSS
6.8
EPSS Score
0.18%
Published
2011-01-18
Updated
2017-09-19
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-01-20
Updated
2017-08-17
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-01-20
Updated
2011-01-21
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-02-01
Updated
2011-02-15
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2011-02-01
Updated
2011-02-15
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.
Max CVSS
7.5
EPSS Score
0.12%
Published
2011-02-16
Updated
2011-02-16
SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.07%
Published
2011-02-16
Updated
2011-09-22
SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-02-16
Updated
2011-09-22
Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.
Max CVSS
7.5
EPSS Score
0.13%
Published
2011-02-16
Updated
2011-09-22
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php.
Max CVSS
7.5
EPSS Score
0.41%
Published
2011-02-16
Updated
2013-07-04
292 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!