Search

Found 3,635 results in 521ms · Match type: Filtered list

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2010-2909	high	—	8.5	EXP		toughtomatojoomla	16y ago	SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a video action to …
CVE-2010-2908	high	—	8.5	EXP		joomdlejoomla	16y ago	SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the course_id parameter in a detail actio…
CVE-2010-2907	high	—	8.5	EXP		huruhelpdeskjoomla	16y ago	SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to inde…
CVE-2010-2906	high	—	8.5	EXP		brotherscriptsscriptsfeed	16y ago	SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different…
CVE-2010-2905	high	—	8.5	EXP		brotherscriptsscriptsfeed	16y ago	SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4974	high	—	8.5	EXP		sweetphp	16y ago	Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box para…
CVE-2009-4973	high	—	8.5	EXP		sweetphp	16y ago	SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action.
CVE-2009-4958	high	—	8.5	EXP		emophp	16y ago	SQL injection vulnerability in video.php in EMO Breeder Manager (aka EMO Breader Manager) allows remote attackers to execute arbitrary SQL commands via the idd parameter.
CVE-2010-2853	high	—	8.5	EXP		iscripts	16y ago	SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
CVE-2010-2847	high	—	8.5	EXP		gonzalo_maserjoomla	16y ago	Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter…
CVE-2010-2845	high	—	8.5	EXP		schlu.netjoomla	16y ago	SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index…
CVE-2009-4957	high	—	8.5	EXP		interspire	16y ago	Directory traversal vulnerability in loadpanel.php in Interspire ActiveKB allows remote attackers to read arbitrary files and possibly have unspecified other impact via directory traversal sequences …
CVE-2009-4940	high	—	8.5	EXP		zeuscart	16y ago	SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
CVE-2009-4936	high	—	8.5	EXP		spirate	16y ago	Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the…
CVE-2010-2384	low	—	4.2	EXP			16y ago	Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.
CVE-2010-2383	low	—	4.2	EXP			16y ago	Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.
CVE-2010-2382	low	—	4.2	EXP			16y ago	Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.
CVE-2010-2693	high	—	8.2	EXP	freebsd		16y ago	FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and…
CVE-2010-2008	low	—	4.5	EXP	ubuntu fedora	oracle	16y ago	MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# strin…
CVE-2010-2721	high	—	8.5	EXP		rightinpoint	16y ago	SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
CVE-2010-2720	high	—	8.5	EXP		phpaa	16y ago	SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these deta…
CVE-2010-2719	high	—	8.5	EXP		phpaa	16y ago	SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2716	high	—	8.5	EXP		rich_kavanagh	16y ago	Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.
CVE-2010-2714	high	—	8.5	EXP		tcwonline	16y ago	SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2010-2699	high	—	8.5	EXP		edgephp	16y ago	SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2010-2698	low	—	4.5	EXP		sijio	16y ago	Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new …
CVE-2010-2697	low	—	4.5	EXP		sijio	16y ago	Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related t…
CVE-2010-2696	high	—	8.5	EXP		sijio	16y ago	SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVE-2010-2694	high	—	8.5	EXP		redcomponentjoomla	16y ago	SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
CVE-2010-2691	high	—	8.5	EXP		2daybiz	16y ago	Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Design Script allow remote attackers to execute arbitrary SQL commands via the (1) sbid parameter to products_details.php, (2) pid par…
CVE-2010-2690	high	—	8.5	EXP		jooforgejoomla	16y ago	SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter i…
CVE-2010-2689	high	—	8.5	EXP		internetdm	16y ago	SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS allows remote attackers to execute arbitrary SQL commands via the cf_id parameter.
CVE-2010-2688	high	—	8.5	EXP		site2nite	16y ago	SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-2687	high	—	8.5	EXP		site2nite	16y ago	SQL injection vulnerability in printdetail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVE-2010-2685	high	—	8.5	EXP		customerparadigm	16y ago	siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not properly restrict access, which allows remote attackers to bypass intended restrictions and add administrative users via a direct …
CVE-2010-2684	high	—	8.5	EXP		customerparadigm	16y ago	SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2683	high	—	8.5	EXP		customerparadigm	16y ago	SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter.
CVE-2010-2682	high	—	8.5	EXP		realtynajoomla	16y ago	Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via…
CVE-2010-2681	high	—	8.5	EXP		joomla	16y ago	PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig.absolute.path parameter to inde…
CVE-2009-4935	high	—	8.5	EXP		esoftpro	16y ago	SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter.
CVE-2009-4933	high	—	8.5	EXP		winterwebs	16y ago	Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. …
CVE-2009-4929	high	—	8.5	EXP		sweetphp	16y ago	admin/manage_users.php in TotalCalendar 2.4 does not require administrative authentication, which allows remote attackers to change arbitrary passwords via the newPW1 and newPW2 parameters.
CVE-2009-4927	high	—	8.5	EXP		webmobo	16y ago	WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.
CVE-2010-2679	high	—	8.5	EXP		joomla	16y ago	SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-2674	high	—	8.5	EXP		alanzard	16y ago	SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
CVE-2010-2673	high	—	8.5	EXP		devana	16y ago	SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2670	high	—	8.5	EXP		brotherscripts	16y ago	SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1327	high	—	8.5	EXP		tornadostore	16y ago	Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where paramete…
CVE-2010-2626	high	—	8.5	EXP		miyabi-seo	16y ago	index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party…
CVE-2010-2624	high	—	8.5	EXP		iscripts	16y ago	Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to ta…
CVE-2010-2623	high	—	8.5	EXP		internetdm	16y ago	SQL injection vulnerability in pages.php in Internet DM Specialist Bed and Breakfast allows remote attackers to execute arbitrary SQL commands via the pp_id parameter.
CVE-2010-2622	high	—	8.5	EXP		joomanagerjoomla	16y ago	SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-2549	high	—	8.2	EXP	windows		16y ago	Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system …
CVE-2010-2616	high	—	8.5	EXP		paul_mcenery	16y ago	SQL injection vulnerability in bible.php in PHP Bible Search, probably 0.99, allows remote attackers to execute arbitrary SQL commands via the chapter parameter.
CVE-2010-2611	high	—	8.5	EXP		i-netsolution	16y ago	SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-2610	high	—	8.5	EXP		2daybiz	16y ago	Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to …
CVE-2010-2609	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-2513	high	—	8.5	EXP		harmistechnologyjoomla	16y ago	SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to ind…
CVE-2010-2512	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2511	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter.
CVE-2010-2510	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2010-2508	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter.
CVE-2010-2462	high	—	8.5	EXP		tomacero	16y ago	SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
CVE-2010-2461	high	—	8.5	EXP		jce-tech	16y ago	SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
CVE-2010-2460	high	—	8.5	EXP		jce-tech	16y ago	SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter.
CVE-2010-2459	high	—	8.5	EXP		2daybiz	16y ago	SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
CVE-2010-2438	high	—	8.5	EXP		laubrotel	16y ago	SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
CVE-2010-2436	high	—	8.5	EXP		anecms	16y ago	SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2010-2359	high	—	8.5	EXP		activewebsoftwares	16y ago	SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007…
CVE-2010-2357	high	—	8.5	EXP		eicrasoft	16y ago	SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote attackers to execute arbitrary SQL commands via the p_id parameter. NOTE: some of these details are ob…
CVE-2010-2354	high	—	8.5	EXP		pilotgroup	16y ago	SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter.
CVE-2010-2342	high	—	8.5	EXP		dmxready	16y ago	SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-2341	high	—	8.5	EXP		ezpx	16y ago	PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_d…
CVE-2010-2338	high	—	8.5	EXP		vunet	16y ago	Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of t…
CVE-2010-2335	high	—	8.5	EXP		yamamah	16y ago	SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
CVE-2010-2319	high	—	8.5	EXP		idevspot	16y ago	SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-2317	high	—	8.5	EXP		wmsdesign	16y ago	Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to…
CVE-2010-2315	high	—	8.5	EXP		smartisoft	16y ago	PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter.
CVE-2010-2063	high	—	8.5	EXPFIX	ubuntu debian	samba	16y ago	Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory c…
CVE-2010-1964	high	—	8.5	EXP		hp	16y ago	Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CA…
CVE-2010-2312	high	—	8.5	EXP		hauntmax	16y ago	SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action.
CVE-2010-2309	high	—	8.5	EXP		evological	16y ago	Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2010-2075	high	—	8.5	EXP		unrealircd	16y ago	UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which …
CVE-2009-4892	high	—	8.5	EXP		webjump	16y ago	SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.
CVE-2009-4889	high	—	8.5	EXP		basti2webphp-fusion	16y ago	SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter.
CVE-2009-4883	high	—	8.5	EXP		todd_rogers	16y ago	SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
CVE-2010-1931	high	—	8.5	EXP		cubecart	16y ago	SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 through 4.3.9 allows remote attackers to execute arbitrary SQL commands via the shipKey parameter to i…
CVE-2010-2259	high	—	8.5	EXP		tamlyncreativejoomla	16y ago	Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller param…
CVE-2010-2257	high	—	8.5	EXP		payperviewvideosoftware	16y ago	SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-2255	high	—	8.5	EXP		tamlyncreativejoomla	16y ago	SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joo…
CVE-2010-2254	high	—	8.5	EXP		shape5joomla	16y ago	SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2010-1636	low	—	3.1	EXP	linux-kernel		16y ago	The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has…
CVE-2010-2148	high	—	8.5	EXP		unisoftjoomla	16y ago	SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php.
CVE-2010-2146	high	—	8.5	EXP		graviton-mediatech	16y ago	PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VL_include_path parameter.
CVE-2010-2143	high	—	8.5	EXP		getsymphony	16y ago	Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the mode paramete…
CVE-2010-2142	high	—	8.5	EXP		murat_ersoy	16y ago	SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2141	high	—	8.5	EXP		nitropowered	16y ago	SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
CVE-2010-2137	high	—	8.5	EXP		giaard	16y ago	PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
CVE-2010-2135	high	—	8.5	EXP		hazelpress	16y ago	Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.
CVE-2010-2134	high	—	8.5	EXP		http-solution	16y ago	Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.