Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-03-23 | CVE-2010-1070 | SQL Injection vulnerability in Imagoscripts Deviant ART Clone SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action. | 7.5 |
| 2010-03-23 | CVE-2010-1069 | SQL Injection vulnerability in Proarcadescript SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2010-03-23 | CVE-2010-1054 | SQL Injection vulnerability in Parscms Multiple SQL injection vulnerabilities in ParsCMS allow remote attackers to execute arbitrary SQL commands via the RP parameter to (1) fa_default.asp and (2) en_default.asp. | 7.5 |
| 2010-03-23 | CVE-2010-1053 | SQL Injection vulnerability in Zentracking ZEN Time Tracking Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. | 6.8 |
| 2010-03-23 | CVE-2010-1051 | SQL Injection vulnerability in Alexandre Dubus Audistat 1.3 Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. | 7.5 |
| 2010-03-23 | CVE-2010-1050 | SQL Injection vulnerability in Alexandre Dubus Audistat 1.3 SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter. | 7.5 |
| 2010-03-23 | CVE-2010-1049 | SQL Injection vulnerability in Uiga Business Portal Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php. | 7.5 |
| 2010-03-23 | CVE-2010-1047 | SQL Injection vulnerability in Masa2El Music City 1.0/1.1 SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action. | 7.5 |
| 2010-03-23 | CVE-2010-1046 | SQL Injection vulnerability in Ryan Marshall Rostermain Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters. | 7.5 |
| 2010-03-23 | CVE-2010-1045 | SQL Injection vulnerability in Design-Cars COM Productbook 1.0.4 SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |