| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter. |
| SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action. |
| SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. |
| SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and 1.2.0 allows remote attackers to execute arbitrary SQL commands via the gallery_id parameter in a gallery_view action. |
| Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238. |
| SQL injection vulnerability in reward_points.post.php in the Reward points addon in CS-Cart before 2.0.6 allows remote authenticated users to execute arbitrary SQL commands via the sort_order parameter in a reward_points.userlog action to index.php, a different vulnerability than CVE-2005-4429.2. |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. |
| SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. |
| SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter. |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. |
| SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
