Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-19 | CVE-2010-1013 | SQL Injection vulnerability in Fr.Simon Rundell PD Diocesedatabase SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1012 | SQL Injection vulnerability in Mathias Schreiber NF Cleandb SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1010 | SQL Injection vulnerability in Matthias Kall MK Wastebasket SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1009 | SQL Injection vulnerability in Joachim-Ruhs Educator 0.1.5 SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1006 | SQL Injection vulnerability in Typo3 Brainstorming SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1004 | SQL Injection vulnerability in Mischa Heimann Yatse SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-18 | CVE-2009-4735 | SQL Injection vulnerability in Allomani Audio & Video Library 2.7.0 SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 7.5 |
2010-03-18 | CVE-2009-4734 | SQL Injection vulnerability in Allomani Movies Library 2.7.0 SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 7.5 |
2010-03-18 | CVE-2009-4733 | SQL Injection vulnerability in Supercrackmunkey Simpleloginsys 0.5 SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2010-03-18 | CVE-2009-4732 | SQL Injection vulnerability in Technotoad TT web Site Manager 0.5 SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. | 6.8 |