Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-06-20 | CVE-2013-4634 | SQL Injection vulnerability in Raphael Zschorsch Rzautocomplete SQL injection vulnerability in the jQuery autocomplete for indexed_search (rzautocomplete) extension before 0.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-06-14 | CVE-2013-3957 | SQL Injection vulnerability in Siemens Simatic Pcs7 and Wincc SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-05-31 | CVE-2013-3721 | SQL Injection vulnerability in Psychostats 3.2.2B SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | 7.5 |
2013-05-27 | CVE-2013-2956 | SQL Injection vulnerability in IBM Infosphere Optim Data Growth FOR Oracle E-Business Suite SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-05-13 | CVE-2013-3537 | SQL Injection vulnerability in Wesley Destailleur Todoo Forum 2.0 Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_post or (2) pg parameter. | 7.5 |
2013-05-13 | CVE-2013-3536 | SQL Injection vulnerability in Whmcs Group PAY SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter. | 7.5 |
2013-05-10 | CVE-2013-3533 | SQL Injection vulnerability in Virtualaccess Virtual Access Monitor Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10.17 and earlier allow attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-05-10 | CVE-2013-3532 | SQL Injection vulnerability in Webdorado Spider Video Player 2.1 SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter. | 7.5 |
2013-05-10 | CVE-2013-3531 | SQL Injection vulnerability in Radiocms 2.2 SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | 7.5 |
2013-05-10 | CVE-2013-3530 | SQL Injection vulnerability in Fabricio Zuardi Xspf Player Plugin 0.1 SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | 7.5 |