Total
12550 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1339 | 1 Oracle | 2 Database Server, Oracle9i | 2024-02-28 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. | |||||
CVE-2003-1533 | 1 Phppass | 1 Phppass | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | |||||
CVE-2002-2305 | 1 Phpsecure.org | 1 Immobilier | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter. | |||||
CVE-2002-0999 | 1 Care 2002 | 1 Care 2002 | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. | |||||
CVE-2002-2252 | 1 Atthat.com | 1 Thatware | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. | |||||
CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
CVE-2002-2304 | 1 Myphpsoft | 1 Myphplinks | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter. | |||||
CVE-2004-1553 | 1 Fullrevolution | 1 Aspwebalbum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | |||||
CVE-2003-1435 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | |||||
CVE-2003-1504 | 1 Goldscripts | 1 Goldlink | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php. |