Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4702 | 2 Markus Barchfeld, Typo3 | 2 Pm Tour, Typo3 | 2010-03-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4711 | 2 Jan Bednarik, Typo3 | 2 Cooluri, Typo3 | 2010-03-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | |||||
| CVE-2009-4701 | 2 Liviu Mitrofan, Typo3 | 2 Myth Download, Typo3 | 2010-03-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4691 | 1 Resalecode | 1 Classified Linktrader Script | 2010-03-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter. | |||||
| CVE-2009-4689 | 1 Resalecode | 1 Php Shopping Cart Selling Website Script | 2010-03-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2010-0802 | 2 Aleinbeen, Invision Power Services | 2 \(nv2\) Awards, Invision Power Board | 2010-03-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2010-0798 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2010-03-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0763 | 1 Commodityrentals | 1 Vacation Rental Software | 2010-03-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action. | |||||
| CVE-2010-0692 | 2 Iptechinside, Joomla | 2 Com Jquarks, Joomla\! | 2010-03-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0691 | 1 Jtl-software | 1 Jtl-shop | 2010-03-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2010-0710 | 1 Aspcodecms | 1 Aspcode Cms | 2010-02-25 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4650 | 2 Joomla, Onnogroen | 2 Joomla\!, Com Webeecomment | 2010-02-22 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0677 | 1 Katalog.hurricane | 1 Katalog Stron Hurricane | 2010-02-22 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter. | |||||
| CVE-2010-0673 | 2 Copperleaf, Wordpress | 2 Photolog, Wordpress | 2010-02-22 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||
| CVE-2010-0635 | 2 Jevents, Joomla | 2 Jevents Search Plugin, Joomla\! | 2010-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0631 | 1 Eicrasoft | 1 Eicra Car Rental-script | 2010-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters. | |||||
| CVE-2009-2439 | 1 Web Development House | 1 Alibaba Clone | 2010-02-12 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group. | |||||
| CVE-2010-0605 | 1 Osticket | 1 Osticket | 2010-02-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter. | |||||
| CVE-2010-0608 | 1 Novaboard | 1 Novaboard | 2010-02-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action. | |||||
| CVE-2010-0158 | 2 Joomla, Joomlabamboo | 2 Joomla, Jb Simpla | 2010-02-04 | 7.5 HIGH | N/A |
| ** DISPUTED ** SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to the com_content component, reachable through index.php. NOTE: the vendor disputes this report, saying: "JoomlaBamboo has investigated this report, and it is incorrect. There is no SQL injection vulnerability involving the id parameter in an article view, and there never was. JoomlaBamboo customers have no reason to be concerned about this report." | |||||