| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter). |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. |
| SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter). |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter. |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action. |
| SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. |
| SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. |
