Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-01 | CVE-2010-4357 | SQL Injection vulnerability in Boka Siteengine 7.1 SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter. | 7.5 |
2010-12-01 | CVE-2010-4356 | SQL Injection vulnerability in Site2Nite BIG Truck Broker SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter. | 7.5 |
2010-12-01 | CVE-2008-7267 | SQL Injection vulnerability in Boka Siteengine 5.0 SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-11-26 | CVE-2010-4298 | SQL Injection vulnerability in Dustincowell Free Simple Software 1.0 SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php. | 7.5 |
2010-11-17 | CVE-2010-4273 | SQL Injection vulnerability in Accimoveis Descargarvista ACC Imoveis 1.1 SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-11-17 | CVE-2010-4272 | SQL Injection vulnerability in Pulseinfotech COM Sponsorwall 1.1 SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2010-11-17 | CVE-2010-4271 | SQL Injection vulnerability in Impresscms SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-11-17 | CVE-2010-4269 | SQL Injection vulnerability in O-Dyn Collabtive 0.6.5 SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action. | 7.5 |
2010-11-17 | CVE-2010-4268 | SQL Injection vulnerability in Pulseinfotech COM Flipwall 1.1 SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2010-11-09 | CVE-2010-2635 | SQL Injection vulnerability in IBM Websphere Commerce SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages." | 6.5 |