Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-05 | CVE-2010-4854 | SQL Injection vulnerability in Zuitu 1.6 SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action. | 6.8 |
2011-10-05 | CVE-2010-4853 | SQL Injection vulnerability in Chillcreations COM Ccinvoices SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php. | 7.5 |
2011-10-05 | CVE-2008-7301 | SQL Injection vulnerability in Sclek Jsite 1.0 SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2011-10-02 | CVE-2011-0553 | SQL Injection vulnerability in Symantec IM Manager SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2011-09-27 | CVE-2011-3688 | SQL Injection vulnerability in Sonexis Conferencemanager 9.3.14.0 Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via (1) the g parameter to Conference/Audio/AudioResourceContainer.asp or (2) the txtConferenceID parameter to Login/HostLogin.asp. | 7.5 |
2011-09-27 | CVE-2010-4851 | SQL Injection vulnerability in Eclime 1.1.2B Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php. | 7.5 |
2011-09-27 | CVE-2010-4849 | SQL Injection vulnerability in Alibabaclone Alibaba Clone B2B 3.4 SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B 3.4 allows remote attackers to execute arbitrary SQL commands via the es_id parameter. | 7.5 |
2011-09-27 | CVE-2010-4847 | SQL Injection vulnerability in Mhproducts MHP Downloadshop SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | 7.5 |
2011-09-27 | CVE-2010-4846 | SQL Injection vulnerability in Mhproducts PAY PAL Shop Digital SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | 7.5 |
2011-09-27 | CVE-2010-4845 | SQL Injection vulnerability in Mhproducts Projekt Shop Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php. | 7.5 |