Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4258 | 1 Myrephp | 1 Myre Real Estate Software | 2012-08-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php. | |||||
| CVE-2012-2325 | 1 Mybb | 1 Mybb | 2012-08-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-3471 | 1 Ushahidi | 1 Ushahidi Platform | 2012-08-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via an incident id. | |||||
| CVE-2012-3469 | 1 Ushahidi | 1 Ushahidi Platform | 2012-08-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the messages admin functionality in application/controllers/admin/messages.php, (2) application/libraries/api/MY_Checkin_Api_Object.php, (3) application/controllers/admin/messages/reporters.php, or (4) the location API in application/libraries/api/MY_Locations_Api_Object.php and application/models/location.php. | |||||
| CVE-2012-3470 | 1 Ushahidi | 1 Ushahidi Platform | 2012-08-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to _get_countries functions. | |||||
| CVE-2012-4070 | 1 Dir2web | 1 Dir2web | 2012-08-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php. | |||||
| CVE-2012-3468 | 1 Ushahidi | 1 Ushahidi Platform | 2012-08-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/controllers/alerts.php, (2) the save_all function in application/models/settings.php, or (3) the media type to the timeline function in application/controllers/json.php. | |||||
| CVE-2012-3554 | 2 Joomla, Rsgallery2 | 2 Joomla\!, Com Rsgallery2 | 2012-08-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-3998 | 1 Sayakbanerjee | 1 Sticky Notes | 2012-07-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.php, (3) user id to admin/modules/mod_users.php, (4) project to list.php, or (5) session id to show.php. | |||||
| CVE-2012-3881 | 1 Adrian Chadd | 2 Rtg, Rtg2 | 2012-07-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php. | |||||
| CVE-2009-4838 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2012-07-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2005-3325 | 2 Acid, Secureideas | 2 Analysis Console For Intrusion Databases, Basic Analysis And Security Engine | 2012-07-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters. | |||||
| CVE-2012-2338 | 1 Johan Cwiklinski | 1 Galette | 2012-05-22 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php. | |||||
| CVE-2010-4842 | 1 Mhproducts | 1 Download Center | 2012-05-21 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4938 | 1 Joomla | 2 Com Weblinks, Joomla\! | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-4935 | 1 Khader Abbeb | 1 Entrans | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2010-4950 | 2 Joachim Ruhs, Typo3 | 2 Event, Typo3 | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-4929 | 2 Joomla, Joostina-cms | 2 Joomla\!, Com Ezautos | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php. | |||||
| CVE-2010-4934 | 1 Svcreation | 1 Get Tube | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla\!, Com Aardvertiser | 2012-05-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||