Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-18 | CVE-2009-4730 | SQL Injection vulnerability in X10Media Adult Script 1.7 SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-18 | CVE-2009-4728 | SQL Injection vulnerability in Questions Answered Questions Answered 1.3 SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4727 | SQL Injection vulnerability in Junglescripts Ajax Short URL Script SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4724 | SQL Injection vulnerability in Paymentprocessorscript Ppscript SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2010-03-18 | CVE-2009-4722 | SQL Injection vulnerability in Limny 1.01 SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2010-03-18 | CVE-2009-4721 | SQL Injection vulnerability in Andrews-Web Aw-Bannerad 1.0 Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. | 7.5 |
2010-03-18 | CVE-2009-4720 | SQL Injection vulnerability in Gnudip 2.1.1 SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4719 | SQL Injection vulnerability in BOB Jewell Discloser 0.0.4 SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter. | 7.5 |
2010-03-16 | CVE-2010-0981 | SQL Injection vulnerability in Templateplazza COM Tpjobs SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | 7.5 |
2010-03-16 | CVE-2010-0980 | SQL Injection vulnerability in Mitchell Sleeper L4D Stats 1.1 SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter. | 7.5 |