Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-09 | CVE-2010-4926 | SQL Injection vulnerability in Timetrack COM Timetrack 1.2.4 SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php. | 7.5 |
2011-10-09 | CVE-2010-4925 | SQL Injection vulnerability in Nuked-Klan Partenaires Module 1.5 SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-10-09 | CVE-2010-4923 | SQL Injection vulnerability in Virtuenetz Virtue Book Store SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter. | 7.5 |
2011-10-09 | CVE-2010-4922 | SQL Injection vulnerability in Allinta CMS 22.07.2010 Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp. | 7.5 |
2011-10-08 | CVE-2010-4921 | SQL Injection vulnerability in Dmxready Polling Booth Manager SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows remote attackers to execute arbitrary SQL commands via the QuestionID parameter in a results action. | 7.5 |
2011-10-08 | CVE-2010-4920 | SQL Injection vulnerability in Micronetsoft Rental Property Website 1.0 SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 allows remote attackers to execute arbitrary SQL commands via the ad_ID parameter. | 7.5 |
2011-10-08 | CVE-2010-4919 | SQL Injection vulnerability in Micronetsoft RV Dealer Website 1.0 SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter. | 7.5 |
2011-10-08 | CVE-2010-4917 | SQL Injection vulnerability in A-Blog 2.0 SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter. | 7.5 |
2011-10-08 | CVE-2010-4916 | SQL Injection vulnerability in Coldgen Coldusergroup 1.06 Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter. | 7.5 |
2011-10-08 | CVE-2010-4915 | SQL Injection vulnerability in Coldgen Coldbookmarks 1.22 SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action. | 7.5 |