Security Vulnerabilities, CVEs, Published In March 2011 (Sql injection) CVSS score >= 7
SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters."
Max CVSS
7.5
EPSS Score
0.26%
Published
2011-03-09
Updated
2017-08-17
Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php.
Max CVSS
7.5
EPSS Score
0.45%
Published
2011-03-07
Updated
2017-08-17
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.36%
Published
2011-03-14
Updated
2011-03-15
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2011-03-23
Updated
2017-08-17
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
Max CVSS
7.5
EPSS Score
0.12%
Published
2011-03-23
Updated
2011-03-24
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-03-23
Updated
2011-03-24
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
Max CVSS
7.5
EPSS Score
0.09%
Published
2011-03-23
Updated
2011-09-22
7 vulnerabilities found