Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-09-27 | CVE-2010-4844 | SQL Injection vulnerability in Mhproducts Easy Online Shop SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
| 2011-09-27 | CVE-2010-4843 | SQL Injection vulnerability in PHPwebscripts AD Manager PRO 3.0 SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter. | 7.5 |
| 2011-09-27 | CVE-2010-4842 | SQL Injection vulnerability in Mhproducts Download Center 2.2 SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter. | 7.5 |
| 2011-09-22 | CVE-2011-1913 | SQL Injection vulnerability in Mercator Sentinel 2.0 SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-09-15 | CVE-2011-3394 | SQL Injection vulnerability in Myrephp Myre Real Estate Software SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
| 2011-09-14 | CVE-2010-4839 | SQL Injection vulnerability in Edgetechweb Event Registration SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action. | 7.5 |
| 2011-09-14 | CVE-2010-4838 | SQL Injection vulnerability in Extensiondepot COM Jsupport 1.5.6 SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php. | 6.0 |
| 2011-09-14 | CVE-2010-4834 | SQL Injection vulnerability in Oneorzero Aims 2.6.0/2.7.0 Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. | 6.5 |
| 2011-09-12 | CVE-2009-5094 | SQL Injection vulnerability in Cmsfaethon CMS Faethon 2.2.0 SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter. | 7.5 |
| 2011-09-12 | CVE-2009-5091 | SQL Injection vulnerability in Vlinks 1.0.3/1.1.6 SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |