Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-16 | CVE-2010-0973 | SQL Injection vulnerability in Scripteverkauf Domain Verkaus and Auktions Portal SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-16 | CVE-2010-0970 | SQL Injection vulnerability in Jorik Berkepas PHPmylogon 2.0 SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-16 | CVE-2010-0968 | SQL Injection vulnerability in Geekhelps Admp 1.01 SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter. | 7.5 |
2010-03-16 | CVE-2010-0964 | SQL Injection vulnerability in Media-Products Eros Webkatalog SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | 7.5 |
2010-03-15 | CVE-2009-4718 | SQL Injection vulnerability in Gonafish Webstatcaffe SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. | 7.5 |
2010-03-15 | CVE-2009-4712 | SQL Injection vulnerability in Tukanas Easyclassifieds Script 1.0 SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter. | 7.5 |
2010-03-15 | CVE-2009-4711 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | 7.5 |
2010-03-15 | CVE-2009-4710 | SQL Injection vulnerability in Robert Heel CWT Resetbepassword SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4709 | SQL Injection vulnerability in Dirk Maiwert Datamints Newsticker SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4708 | SQL Injection vulnerability in Maximo Cuadros GB Fenewssubmit SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |