Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-08 | CVE-2010-4898 | SQL Injection vulnerability in Gantry-Framework COM Gantry 3.0.10 SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php. | 7.5 |
| 2011-10-08 | CVE-2010-4897 | SQL Injection vulnerability in Bluecms Project Bluecms 1.6 SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | 7.5 |
| 2011-10-08 | CVE-2010-4894 | SQL Injection vulnerability in Chillycms 1.1.3 SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
| 2011-10-07 | CVE-2010-4891 | SQL Injection vulnerability in Andreas Kiefer KE YAC SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-07 | CVE-2010-4888 | SQL Injection vulnerability in Marco Hezel HM Tinymarket SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-07 | CVE-2010-4887 | SQL Injection vulnerability in Raphael Zschorsch Commentsbe SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-07 | CVE-2010-4876 | SQL Injection vulnerability in Mblogger Project Mblogger 1.0.04 SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter. | 7.5 |
| 2011-10-07 | CVE-2010-4872 | SQL Injection vulnerability in Pilotcart Pilot Cart 7.3 SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter. | 7.5 |
| 2011-10-07 | CVE-2010-4870 | SQL Injection vulnerability in Bloofox Bloofoxcms 0.3.5 SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter. | 7.5 |
| 2011-10-05 | CVE-2010-4869 | SQL Injection vulnerability in Drbenhur Dbhcms 1.1.4 SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter. | 7.5 |