SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter.
SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action.
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php.
SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in image.php in NetArt Media Car Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php.
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking.
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie.
SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter.
SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action.
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote attackers to execute arbitrary SQL commands via the jid parameter.
SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remote attackers to execute arbitrary SQL commands via the special parameter in a performerid action.
SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter.
SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add_company.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the grp parameter in a gameserver action to index.php.
In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks.
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
SQL injection vulnerability in index.asp in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the sideid parameter.
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.
SQL injection vulnerability in index.php in YourFreeWorld Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the c parameter.
SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. Affected is an unknown function of the file /patient-search-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter.