Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-02-16 | CVE-2010-4739 | SQL Injection vulnerability in Aretimes COM Maianmedia SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php. | 7.5 |
| 2011-02-16 | CVE-2010-4738 | SQL Injection vulnerability in Raemedia Real Estate Single and Multi Agent System 3.0 Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System. | 7.5 |
| 2011-02-16 | CVE-2010-4737 | SQL Injection vulnerability in Hotwebscripts Hotweb Rentals SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter. | 7.5 |
| 2011-02-16 | CVE-2010-4736 | SQL Injection vulnerability in Gatesoft Docusafe 4.1.0/4.1.2 SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. | 7.5 |
| 2011-02-16 | CVE-2010-4735 | SQL Injection vulnerability in Ecommercemax Digital-Goods Seller 1.5 SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter. | 7.5 |
| 2011-02-01 | CVE-2010-4721 | SQL Injection vulnerability in Mhproducts Immo Makler SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2011-02-01 | CVE-2010-4720 | SQL Injection vulnerability in Harmistechnology COM Jeauto SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | 7.5 |
| 2011-01-25 | CVE-2011-0646 | SQL Injection vulnerability in Anserv PHP LOW Bids SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
| 2011-01-25 | CVE-2011-0645 | SQL Injection vulnerability in PHPcms 2008 2 SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action. | 7.5 |
| 2011-01-25 | CVE-2011-0644 | SQL Injection vulnerability in PHPcms 2008 2 SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. | 7.5 |