Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-09 | CVE-2010-4958 | SQL Injection vulnerability in Pradoportal Prado Portal 1.2.0 SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
| 2011-10-09 | CVE-2010-4957 | SQL Injection vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0 SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-09 | CVE-2010-4955 | SQL Injection vulnerability in PHP-Programs Apboard Developers Apboard SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. | 7.5 |
| 2011-10-09 | CVE-2010-4954 | SQL Injection vulnerability in Gambio Xt:Commerce Gambio 2008 SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
| 2011-10-09 | CVE-2010-4952 | SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9 SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-09 | CVE-2010-4950 | SQL Injection vulnerability in Joachim Ruhs Event SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-09 | CVE-2010-4946 | SQL Injection vulnerability in Allpcscript Allpc 2.5 SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
| 2011-10-09 | CVE-2010-4945 | SQL Injection vulnerability in Joomla COM Camelcitydb2 2.2 SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2011-10-09 | CVE-2010-4944 | SQL Injection vulnerability in Joomla COM Elite Experts SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php. | 7.5 |
| 2011-10-09 | CVE-2010-4942 | SQL Injection vulnerability in E-Xoopport Samsara 3.0/3.1 SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter. | 7.5 |