Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diary_view.asp or (2) view_date parameter to default.asp.
Max CVSS
7.5
EPSS Score
0.13%
Published
2012-07-25
Updated
2017-08-29
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.
Max CVSS
7.5
EPSS Score
0.06%
Published
2012-07-25
Updated
2017-08-29
SQL injection vulnerability in index2.php in Uiga Personal Portal allows remote attackers to execute arbitrary SQL commands via the p parameter.
Max CVSS
7.5
EPSS Score
0.15%
Published
2012-07-25
Updated
2017-08-29
SQL injection vulnerability in index2.php in Uiga Fan Club allows remote attackers to execute arbitrary SQL commands via the p parameter.
Max CVSS
7.5
EPSS Score
0.08%
Published
2012-07-25
Updated
2017-08-29
Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.php, (3) user id to admin/modules/mod_users.php, (4) project to list.php, or (5) session id to show.php.
Max CVSS
7.5
EPSS Score
0.13%
Published
2012-07-12
Updated
2012-07-19

CVE-2012-3951

Public exploit
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
Max CVSS
7.5
EPSS Score
77.01%
Published
2012-07-31
Updated
2018-03-12
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
Max CVSS
7.5
EPSS Score
0.11%
Published
2012-07-12
Updated
2012-07-16
Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search.
Max CVSS
7.5
EPSS Score
0.70%
Published
2012-07-03
Updated
2017-08-29
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.
Max CVSS
6.5
EPSS Score
0.28%
Published
2012-07-03
Updated
2017-08-29
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.
Max CVSS
6.5
EPSS Score
0.20%
Published
2012-07-23
Updated
2020-12-01
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
Max CVSS
6.8
EPSS Score
25.47%
Published
2012-07-12
Updated
2018-05-29

CVE-2012-2962

Public exploit
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
Max CVSS
6.5
EPSS Score
97.47%
Published
2012-07-30
Updated
2018-03-12
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
95.43%
Published
2012-07-23
Updated
2017-12-22
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.
Max CVSS
7.5
EPSS Score
93.48%
Published
2012-07-23
Updated
2017-12-22
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.
Max CVSS
6.5
EPSS Score
0.12%
Published
2012-07-21
Updated
2020-12-01
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.13%
Published
2012-07-25
Updated
2012-09-11
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.
Max CVSS
6.8
EPSS Score
0.94%
Published
2012-07-18
Updated
2016-12-08
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
Max CVSS
4.0
EPSS Score
0.22%
Published
2012-07-16
Updated
2020-12-01
18 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!