Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-04-09 | CVE-2010-1343 | SQL Injection vulnerability in Bjsintay Sitex 0.7.4 SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | 7.5 |
2010-04-09 | CVE-2010-1341 | SQL Injection vulnerability in Systemsoftware Community Black Forum SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. | 7.5 |
2010-04-09 | CVE-2010-1338 | SQL Injection vulnerability in Robertotto Teamsite Hack Plugin SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action. | 7.5 |
2010-04-09 | CVE-2010-1336 | SQL Injection vulnerability in Invohost 3.4 Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. | 7.5 |
2010-04-09 | CVE-2010-1331 | SQL Injection vulnerability in Heartlogic Hl-Sitemanager SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2010-04-07 | CVE-2010-1301 | SQL Injection vulnerability in Merethis Centreon 2.1.5 SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter. | 7.5 |
2010-04-07 | CVE-2010-1300 | SQL Injection vulnerability in Yamamah 1.00 SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter. | 7.5 |
2010-04-07 | CVE-2010-0400 | SQL Injection vulnerability in Mahara 1.0.4 SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username. | 7.5 |
2010-04-06 | CVE-2010-1277 | SQL Injection vulnerability in Zabbix 1.8/1.8.1 SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php. | 7.5 |
2010-04-06 | CVE-2010-1271 | SQL Injection vulnerability in Smart-Plugs Smartplugs 1.3 SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | 7.5 |