SQL injection Prevention - GET : block comment delimiters in URL


Description   a SQL comment block has been found in URL parameter. Comment blocks are generally used for evading signature based SQL injection detection. Presence of SQL comment block delimiter might indicate a SQL injection attempt
     
Default
configuration
 
Profiles High Medium Low Internet
Action Block Block Pass Pass
Alarm Level Major Minor Minor Ignore
     
References  
     
Available since   ASQ v3.2.0
     
Protects   Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Dolibarr Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Core SQL Injection Vulnerability Fixed by 3.7.1
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Plugins Multiple Vulnerabilities
Joomla "DT Register" Plugin SQL Injection Vulnerability
WordPress Third-Party Plugins Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
WordPress Third-Party Modules Multiple Vulnerabilities
Cisco Identity Services Engine SQL Injection Vulnerability
WordPress Third Party Modules Multiple Vulnerabilities
AlienVault Unified Security Management Multiple Vulnerabilities Fixed by 5.3.2
Joomla Third-Party Plugins Multiple Vulnerabilities
SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Zabbix Latest Data SQL Injection Vulnerability
Joomla "Event Registration Pro" SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
Red Hat JBoss BPM Suite Dashbuilder SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Drupal 'menupereid' SQL injection Vulnerability
Riverbed SteelCentral NetProfiler Multiple Vulnerabilities Fixed by 10.9.0
Cisco Prime Collaboration Deployment SQL Injection Vulnerability
Joomla Third-Party Plugins Multiple Vulnerabilities
Nagios XI Multiple Vulnerabilities
Joomla Third-Party Plugins Multiple Vulnerabilities
phpMyAdmin Multiple Vulnerabilities Fixed by 4.6.2 and 4.4.15.6
GLPI "ajax/getDropdownConnect.php" SQL Injection Vulnerability Fixed by 0.90.3
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti "tree.php" SQL Injection Vulnerability
Cacti "graph_template" Parameter "graphs_new.php" SQL Injection Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
BlackBerry Enterprise Server Management Console Multiple Vulnerabilities Fixed by 12.4
Joomla Third-Party Modules Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
TestLink SQL Injection Vulnerability Fixed by 1.9.15
Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17
Joomla Third-Party Modules Multiple Vulnerabilities
Cacti Multiple SQL Injection Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
Cisco Secure Access Control Server (ACS) SQL Injection Vulnerability
Joomla Core Multiple Vulnerabilities Fixed by 3.4.5
Kerio Control Remote Command Execution Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
TestLink Multiple Vulnerabilities Fixed by 1.9.14
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Cisco Prime Collaboration SQL Injection Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Joomla Third-Party Modules Multiple Vulnerabilities
Joomla "JoomShopping" SQL Injection Vulnerability
Joomla Third-Party Modules Multiple Vulnerabilities
Merethis Centreon Blind SQL Injection and Authenticated Remote Command Execution Vulnerability
Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Cisco WebEx Meeting Center GET Parameter Vulnerability
TYPO3 Multiple Third-Party Components Vulnerabilities
Cisco Prime Collaboration Manager SQL Injection Vulnerability
Cacti Multiple Vulnerabilities Fixed by 0.8.8d
WordPress WP Symposium Plugin SQL Injection Vulnerability
WordPress Contus Video Gallery Plugin SQL Injection Vulnerability
WordPress Community Events Plugin Multiple SQL Injection Vulnerabilities
Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerability
WordPress WP Business Intelligence Lite Plugin SQL Injection Vulnerability
Galette ZendDB Two SQL Injection Vulnerabilities
WordPress SEO by Yoast Plugin Cross-Site Request Forgery and SQL Injection Vulnerabilities
WordPress Store Locator Plugin "sl_vars[num_initial_displayed]" SQL Injection Vulnerability
SolarWinds Products "sort" and "dir" SQL Injection Vulnerabilities
phpBugTracker Multiple Vulnerabilities
WordPress Spider Event Calendar Plugin "cat_id" SQL Injection Vulnerability
F5 BIG-IP Application Security Manager Tree View Cross-Site Scripting Vulnerability
miniBB "code" SQL Injection Vulnerability
Zabbix Two SQL Injection Vulnerabilities
GLPI "condition" SQL Injection Vulnerability
PHP-Fusion Multiple SQL Injection Vulnerabilities
IP.Board "id" SQL Injection Vulnerability
ManageEngine Password Manager Pro Two SQL Injection Vulnerabilities
IP.Board IP.Content Module "cid" SQL Injection Vulnerability
BSS BS-Client Multiple Vulnerabilities
InvGate Service Desk Multiple SQL Injection Vulnerabilities
WordPress Polldaddy Polls & Ratings Plugin Cross-Site Scripting Vulnerability
web2Project Multiple SQL Injection Vulnerabilities
Videos Tube "url" SQL Injection Vulnerability
ZeroCMS Multiple Vulnerabilities
webEdition "tblFile" SQL Injection Vulnerability
NULL NUKE Cross-Site Request Forgery and SQL Injection Vulnerabilities
Free Help Desk Script Insertion and SQL Injection Vulnerabilities
Xerox DocuShare URL SQL Injection Vulnerability
mAdserve Multiple "id" SQL Injection Vulnerabilities
Jigowatt PHP Event Calendar "year" SQL Injection Vulnerability
Netvolution CMS SQL Injection Vulnerability
WordPress mTouch Quiz Plugin "quiz" Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla! AJAX Shoutbox Component "jal_lastID" SQL Injection Vulnerability
couponPHP Two Cross-Site Scripting Vulnerabilities
Ganesha Digital Library Cross-Site Scripting and SQL Injection Vulnerabilities
Cory Support "q" SQL Injection Vulnerability
POSH Weakness and Two Vulnerabilities
GeoCore Multiple SQL Injection Vulnerabilities
HostBill Staff Tickets SQL Injection Vulnerability
OpenDocMan Security Bypass and SQL Injection Vulnerabilities
Pina CMS Cross-Site Scripting Vulnerability
ITechClassifieds Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
mySeat Restaurant Reservation System Cross-Site Scripting and SQL Injection Vulnerabilities
Collabtive Script Insertion and SQL Injection Vulnerabilities
Horizon QCMS File Disclosure and SQL Injection Vulnerabilities
UAEPD Shopping Cart Script Multiple SQL Injection Vulnerabilities
CUBIC CMS Multiple Vulnerabilities
AuctionWebScript Lowest Unique Bid Auction "id" SQL Injection Vulnerability
AuctionWebScript Ebay Clone "id" SQL Injection Vulnerability
AuctionWebScript Penny Auction "id" SQL Injection Vulnerability
WordPress FormCraft Plugin "id" SQL Injection Vulnerability
Testa OTMS "test_id" SQL Injection Vulnerability
ViciDial Asterisk GUI Client SQL Injection and Arbitrary Command Execution Vulnerability
Dolibarr "sondage" SQL Injection Vulnerability
Bilboplanet Cross-Site Scripting and SQL Injection Vulnerabilities
Aanval SAS Cross-Site Scripting and SQL Injection Vulnerabilities
Posnic Stock Management System Cross-Site Scripting and SQL Injection Vulnerabilities
Flo CMS "archivem" SQL Injection Vulnerability
myBusinessAdmin "id" SQL Injection Vulnerability
DotNetNuke DNNArticle Module "categoryid" SQL Injection Vulnerability
Quack Chat Cross-Site Scripting and Script Insertion Vulnerabilities
Joomla! redSHOP Component "pid" SQL Injection Vulnerability
MLM Auction "id" SQL Injection Vulnerability
Cotonti "c" SQL Injection Vulnerability
2daybiz Multi Level Marketing Software Cross-Site Scripting and SQL Injection Vulnerabilities
Saurus CMS Multiple Vulnerabilities
McAfee ePolicy Orchestrator Multiple Cross-Site Scripting Vulnerabilities
ivote "id" SQL Injection Vulnerability
Top Games Script "gid" SQL Injection Vulnerability
ClientExec Security Issue and Multiple Vulnerabilities
Fobuc Guestbook "category" SQL Injection Vulnerability
Matterdaddy Market Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Spider Catalog Plugin Cross-Site Scripting and SQL Injection Vulnerabilities
Ajax Availability Calendar Multiple Vulnerabilities
Joomla! DJ-Classifieds Component "se_regs[]" SQL Injection Vulnerability
EasyWebScripts Craigslist Clone "catid" SQL Injection Vulnerability
b2evolution "show_statuses[]" SQL Injection Vulnerability
phpVMS PopUpNews Module SQL Injection Vulnerability
rebus:list "list_id" SQL Injection Vulnerability
daloRADIUS Multiple Vulnerabilities
Joomla! RSFiles! Component "cid" SQL Injection Vulnerability
Nconf Path Disclosure Weakness and Cross-Site Scripting Vulnerability
PHP-Fusion Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
EasyWebScripts eBay Clone Script Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Scripts Genie Domain Trader "id" SQL Injection Vulnerability
Gallery Personals "L" SQL Injection Vulnerability
Games Site Script "id" SQL Injection Vulnerability
OpenEMR Multiple Vulnerabilities
AdaptCMS Multiple Vulnerabilities
ImageCMS "q" SQL Injection Vulnerability
WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities
Classified Ultra "cname" Cross-Site Scripting and "c" SQL Injection Vulnerabilities
Website Baker Concert Calendar Add-on Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Shopping Cart Plugin Multiple SQL Injection Vulnerabilities
MyBB HM_My Country Flags Plugin "cnam" SQL Injection Vulnerability
Guru Auction Two SQL Injection Vulnerabilities
Elite Bulletin Board Multiple SQL Injection Vulnerabilities
MyBB Transactions Plugin "transaction" SQL Injection Vulnerability
MyBB Profile Blogs Plugin Script Insertion and SQL Injection Vulnerabilities
MyBB Tips Of The Day Plugin Script Insertion and SQL Injection Vulnerabilities
Joomla! JooProperty Component Multiple Vulnerabilities
Newscoop "f_email" SQL Injection Vulnerability
Beat Websites "id" SQL Injection Vulnerability
Baby Gekko Multiple Cross-Site Scripting Vulnerabilities
MYRE Vacation Rental Software Cross-Site Scripting and SQL Injection Vulnerabilities
The FAQ Manager Two SQL Injection Vulnerabilities
netOffice Dwins Multiple SQL Injection Vulnerabilities
Intramaps Multiple Vulnerabilities
WordPress Hitasoft FLV Player Plugin "id" SQL Injection Vulnerability
Joomla! Spider Catalog Component "product_id" SQL Injection Vulnerability
WordPress FireStorm Professional Real Estate Plugin "id" SQL Injection Vulnerability
Joomla! Commedia Component "id" SQL Injection Vulnerability
ManageEngine Security Manager Plus File Disclosure and SQL Injection Vulnerabilities
Cartweaver Local File Inclusion and SQL Injection Vulnerabilities
Campaign Enterprise "UID" SQL Injection Vulnerability
MyBB Profile Albums Plugin SQL Injection Vulnerability
airVision NVR "path" Arbitrary File Disclosure and "id" SQL Injection Vulnerabilities
WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities
TorrentTrader Cross-Site Scripting and SQL Injection Vulnerabilities
webERP Multiple Vulnerabilities
LuxCal Web Calendar "id" SQL Injection Vulnerability
TAGWORX.CMS "cid" SQL Injection Vulnerability
Auxilium PetRatePro Multiple Vulnerabilities
LimeSurvey Multiple Vulnerabilities
Joomla! Spider Calendar Lite Component "date" SQL Injection Vulnerability
WordPress HD Webplayer Plugin Two SQL Injection Vulnerabilities
Joomla! Komento Component RSS Feed "cid" SQL Injection Vulnerability
OrderSys Two Cross-Site Scripting Vulnerabilities
YourArcadeScript SQL Injection and Cross-Site Request Forgery Vulnerabilities
ManageEngine OpStor SQL Injection and Cross-Site Scripting Vulnerabilities
Flynax General Classifieds Multiple Cross-Site Scripting Vulnerabilities
Cyclope Employee Surveillance Solution Security Bypass and SQL Injection Vulnerabilities
Total Shop UK eCommerce URL SQL Injection Vulnerability
1024 CMS "id" and "p" SQL Injection Vulnerabilities
Joomla! En Masse Component "sortBy" SQL Injection Vulnerability
TCExam Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla! Joomgalaxy Component "catid" SQL Injection Vulnerability
Limny "escape()" SQL Injection Vulnerability
Ushahidi Multiple Vulnerabilities
CuteFlow Multiple Vulnerabilities
Zabbix "itemid" SQL Injection Vulnerability
Spiceworks snmpd.conf Script Insertion Vulnerabilities
WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities
WordPress Sendit Newsletter Plugin "id" SQL Injection Vulnerability
MGB Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
GuestBook Script Multiple Cross-Site Scripting Vulnerabilities
MBB CMS Multiple Vulnerabilities
LIOOSYS CMS "id" SQL Injection Vulnerability
WordPress Website FAQ Plugin "category" SQL Injection Vulnerability
PD Products Two SQL Injection Vulnerabilities
IBM System Storage Products Storage Manager Cross-Site Scripting and SQL Injection Vulnerabilities
Swoopo Gold Multiple Vulnerabilities
Nuked-Klan "eid" SQL Injection Vulnerability
Jobs Portal Multiple Script Insertion and SQL Injection Vulnerabilities
Contao "field" SQL Injection Vulnerability
Cells Blog CMS Multiple SQL Injection Vulnerabilities
WordPress Contus HD FLV Player Plugin SQL Injection and Arbitrary File Upload Vulnerabilities
Bigware Shop "pollid" Two SQL Injection Vulnerabilities
Membris Multiple Vulnerabilities
Simple Web Content Management System Multiple Vulnerabilities
SocialEngine "category_id" SQL Injection Vulnerability
Jaow CMS "add_ons" SQL Injection Vulnerability
Pligg CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
PHP-addressbook Multiple Vulnerabilities
eLearning Server "nid" SQL Injection Vulnerability
FreeRealty Multiple Vulnerabilities
Travelon Express "hid" Two SQL Injection Vulnerabilities
Galette "id_adh" SQL Injection Vulnerability
OrangeHRM Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Serendipity Cross-Site Scripting and SQL Injection Vulnerabilities
myCare2x Cross-Site Scripting and SQL Injection Vulnerabilities
OSSIM Cross-Site Scripting and SQL Injection Vulnerabilities
Opial Script Insertion and SQL Injection Vulnerabilities
Axous "id" SQL Injection Vulnerability
Uiga FanClub SQL Injection and Cross-Site Scripting Vulnerabilities
PHP Volunteer Management Multiple Vulnerabilities
Joomla! ccNewsletter Component "id" SQL Injection Vulnerability
Exponent CMS Cross-Site Scripting and SQL Injection Vulnerabilities
MediaXXX Mobile Video Module "query" SQL Injection Vulnerability
Minerva Infotech CMS "ID" SQL Injection Vulnerability
Horizon Quick CMS "username" SQL Injection Vulnerability
osCMax Admin Section URL SQL Injection Vulnerability
Newscoop Multiple Vulnerabilities
Matterdaddy Market Two SQL Injection Vulnerabilities
idev-GameSite "id" SQL Injection Vulnerability
GENU Multiple SQL Injection Vulnerabilities
osCMax Multiple Vulnerabilities
PicoPublisher Two SQL Injection Vulnerabilities
ArticleSetup Multiple Vulnerabilities
SWTOR CharDB Multiple Vulnerabilities
phplist "num" Cross-Site Scripting Vulnerability
Pre Printing Press "id" and "pid" SQL Injection Vulnerabilities
EncapsGallery "item_id" SQL Injection Vulnerability
NTG Haber Yazilimi "kat" SQL Injection Vulnerability
Linkasoft LeKommerce "id" SQL Injection Vulnerability
Exponent CMS "src" SQL Injection Vulnerability
deV!L'z Clanportal Witze Addon "id" SQL Injection Vulnerability
BrewBlogger Multiple Vulnerabilities
ImgPals Photo Host "u" SQL Injection Vulnerability
LimeSurvey Script Insertion and SQL Injection Vulnerabilities
Kongreg8 Script Insertion and SQL Injection Vulnerabilities
MyJobList "eid" SQL Injection Vulnerability
Seo Panel "website_id" and "lang_code" SQL Injection Vulnerabilities
phpDenora Multiple File Disclosure and SQL Injection Vulnerabilities
YVS Image Gallery "album_id" SQL Injection Vulnerability
Joomla! DT Register Component "list1" SQL Injection Vulnerability
OneForum Two "id" SQL Injection Vulnerabilities
LimeSurvey "fieldnames" SQL Injection Vulnerability
TestLink Multiple SQL Injection Vulnerabilities
Gazie "Login" Cross-Site Scripting and SQL Injection Vulnerabilities
Dolibarr ERP/CRM SQL and Command Injection Vulnerabilities
XRay CMS "username" SQL Injection Vulnerability
Basic Analysis and Security Engine SQL Injection and File Inclusion Vulnerabilities
Tube Ace Cross-Site Scripting and SQL Injection Vulnerabilities
HDWiki URL SQL Injection Vulnerability
ScriptsEz Ez Album Two Vulnerabilities
Vastal I-Tech Agent Zone Two SQL Injection Vulnerabilities
Pligg Cross-Site Scripting and SQL Injection Vulnerabilities
OSClass Multiple Vulnerabilities
Ev10 "docId" SQL Injection Vulnerability
deV!L'z Clanportal Gamebase Addon "gameid" SQL Injection Vulnerability
pGB "id" SQL Injection Vulnerability
Oracle Application Server Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla! Discussions Component "catid" SQL Injection Vulnerability
Joomla! HD Video Share Component "id" SQL Injection Vulnerability
Contus Jobs Portal "Category" SQL Injection Vulnerability
ClipBucket Multiple Vulnerabilities
WordPress Pay With Tweet Plugin Multiple Vulnerabilities
DiY-CMS Blog Module Multiple SQL Injection Vulnerabilities
Open Business Management Multiple Vulnerabilities
cApexWEB "dfuserid" and "dfpassword" SQL Injection Vulnerabilities
Cyberoam UTM "tableid" SQL Injection Vulnerability
PHPShop CMS Free Multiple Vulnerabilities
WordPress Global Content Blocks Plugin "gcb" Two SQL Injection Vulnerabilities
DotA OpenStats "id" SQL Injection Vulnerability
Video Community Portal "id" SQL Injection Vulnerability
Social Network Community "userId" SQL Injection Vulnerability
BrowserCRM Multiple Vulnerabilities
Seotoaster "selectUserIdByLoginPass()" SQL Injection Vulnerability
Joomla! QContacts Component "filter_order" SQL Injection Vulnerability
WordPress UPM Polls Plugin "PID" SQL Injection Vulnerability
SePortal "goto" SQL Injection Vulnerability
SePortal Two SQL Injection Vulnerabilities
HitAppoint "username" SQL Injection Vulnerability
SourceBans Cross-Site Scripting and SQL Injection Vulnerabilities
Sepcity Shopping Mall "ID" SQL Injection Vulnerability
Sepcity Classified Ads "ID" SQL Injection Vulnerability
Sepcity Faculty Portal "ID" SQL Injection Vulnerability
WSN Products Multiple Vulnerabilities
Alstrasoft EPay Enterprise "cid" and "product" SQL Injection Vulnerabilities
SugarCRM Two SQL Injection Vulnerabilities
WordPress GRAND Flash Album Gallery Plugin Multiple Vulnerabilities
OrangeHRM Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
PHP Inventory Multiple SQL Injection Vulnerabilities
MH Products Kleinanzeigenmarkt "c" SQL Injection Vulnerability
NUs Newssystem "id" SQL Injection Vulnerability
CMScout "album" SQL Injection Vulnerability
Joomla GBU Facebook Component "face_id" SQL Injection Vulnerability
CMS Ariadna SQL Injection Vulnerabilities
Almnzm "id" SQL Injection Vulnerability
Joomla! XOBBIX Component "prodid" SQL Injection Vulnerability
Press Release Script "id" SQL Injection Vulnerability
Blogs manager Multiple SQL Injection Vulnerabilities
Freelancer calendar Multiple SQL Injection Vulnerabilities
Ziggurat Farsi CMS Multiple Vulnerabilities
Joomla AutarTimonial Component "limit" SQL Injection Vulnerability
Online Contact Manager Cross-Site Scripting and SQL Injection Vulnerabilities
Online Photo Pro "section" Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla Canteen Component Multiple Vulnerabilities
iScripts ReserveLogic Multiple Vulnerabilities
iScripts CyberMatch "id" SQL Injection Vulnerability
Banner Management "id" SQL Injection Vulnerability
ScriptsFeed / BrotherScripts Auto Dealer Software "id" SQL Injection Vulnerability
Joomla DJ-ArtGallery Component "cid[]" Two Vulnerabilities
Smart ASP Survey SQL Injection and Cross-Site Scripting Vulnerabilities
ScriptsFeed Recipes Listing Portal SQL Injection Vulnerabilities
iScripts eSwap Cross-Site Scripting and SQL Injection Vulnerabilities
iScripts EasyBiller SQL Injection and Script Insertion Vulnerabilities
Ecomat CMS Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla BF Quiz Component "catid" SQL Injection Vulnerability
2daybiz Online Classified Script Multiple Vulnerabilities
Document Library "intGroupID" SQL Injection Vulnerability
CuteSITE CMS Multiple Vulnerabilities
Elite Gaming Ladders SQL Injection Vulnerabilities
Virtual Real Estate Manager "Lid" SQL Injection Vulnerability
DaLogin SQL Injection and Script Insertion Vulnerabilities
OlyKit Swoopo Clone 2010 "id" SQL Injection Vulnerability
MCLogin System "myusername" SQL Injection Vulnerability
WordPress AdRotate Plugin "track" SQL Injection Vulnerability
Joomla RokModule Component Two SQL Injection Vulnerabilities
LabStoRe Multiple "where_clause" SQL Injection Vulnerabilities
OrderSys Multiple Vulnerabilities
Drupal Webform CiviCRM Integration Module Multiple SQL Injection Vulnerabilities
WordPress Media Library Categories Plugin "termid" SQL Injection Vulnerability
CmyDocument Content Management Multiple Vulnerabilities
Joomla! JEEMA SMS Component Cross-Site Request Forgery and SQL Injection Vulnerabilities
Drupal Views Module SQL Injection Vulnerability
VP-ASP Unspecified SQL Injection Vulnerability
Joomla! Alameda Component "storeid" SQL Injection Vulnerability
Joomla! Vik Real Estate Extension "contract" and "imm" SQL Injection Vulnerabilities
Joomla! HM Community Component Script Insertion and SQL Injection Vulnerabilities
SPIP Unspecified SQL Injection Vulnerability
Jara Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
OpenEMR "u" SQL Injection Vulnerability
Joomla! Freestyle FAQs and Testimonials Components Unspecified SQL Injection Vulnerability
DMXready Polling Booth Manager "QuestionID" SQL Injection Vulnerability
ColdGen ColdUserGroup Cross-Site Scripting and SQL Injection Vulnerabilities
ColdGen ColdBookmarks Multiple Vulnerabilities
ColdGen ColdCalendar "EventID" SQL Injection Vulnerability
MicroNetSoft Rental Property Management Website "ad_ID" SQL Injection Vulnerability
MicroNetSoft RV Dealer Website Multiple SQL Injection Vulnerabilities
CubeCart Cross-Site Scripting and SQL Injection Vulnerabilities
zenphoto "a" SQL Injection Vulnerability
Softbiz Article Directory Script "sbiz_id" SQL Injection Vulnerability
Joomla! Aardvertiser Component "cat_name" SQL Injection
Joomla! Clantools Component Two SQL Injection Vulnerabilities
Joomla! Clantools Component "squad" SQL Injection Vulnerability
Joomla! Gantry Component "moduleid" SQL Injection Vulnerability
Member Management System "REF_URL" Cross-Site Scripting Vulnerability
chillyCMS "name" Cross-Site Scripting and SQL Injection Vulnerabilities
Pilot Cart Multiple Vulnerabilities
TYPO3 Questionnaire Extension Cross-Site Scripting and SQL Injection Vulnerabilities
Entrans Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla! Amblog Component "catid" and "articleid" SQL Injection Vulnerabilities
Joomla! TimeTrack Component "ct_id" SQL Injection Vulnerability
Nuked-Klan Partenaires Module "id" SQL Injection Vulnerability
Virtue Book Store Two SQL Injection Vulnerabilities
Netvolution CMS "artID" SQL Injection Vulnerability
Elgg pg/search SQL Injection Vulnerability
Pre Studio Business Cards Designer "id" SQL Injection Vulnerability
KaiBB Cross-Site Scripting and SQL Injection Vulnerabilities
wizmall "BID" and "UID" SQL Injection Vulnerabilities
Uiga Personal Portal Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Simple PHP Forum Script "id" SQL Injection Vulnerability
OpenEMR Multiple Vulnerabilities
OpenEMR Script Insertion and SQL Injection Vulnerabilities
Yet Another CMS Two SQL Injection Vulnerabilities
Dolphin "iIDcat" SQL Injection Vulnerability
Site@School Multiple Vulnerabilities
PunBB Reputation Plugin SQL Injection and Local File Inclusion
GNUBoard URL SQL Injection Vulnerability
AContent Multiple Vulnerabilities
WordPress WP Photo Album Plus Plugin "wppa-album" SQL Injection Vulnerability
Radfa Sabadkharid "add2cart" SQL Injection Vulnerability
EC-CUBE Two Unspecified SQL Injection Vulnerabilities
WordPress Contact Form Plugin "wpcf_easyform_formid" SQL Injection Vulnerability
Joomla! eTree Component "id" and "user_id" SQL Injection Vulnerabilities
MyBB MyStatus Plugin "statid" SQL Injection Vulnerability
Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities
WordPress Ninja Announcements Plugin "[ninja_annc]" Shortcode SQL Injection
KaiBB Two SQL Injection Vulnerabilities
Joomla! Barter Component Multiple Vulnerabilities
Joomla! Time Returns Component "id" SQL Injection Vulnerability
Sonexis ConferenceManager Script Insertion and SQL Injection Vulnerabilities
Alibaba Clone Multiple SQL Injection Vulnerabilities
Xweblog Multiple SQL Injection Vulnerabilities
Joomla! JE Directory Component "catid" SQL Injection Vulnerability
webSPELL Multiple Vulnerabilities
Zuitu "id" SQL Injection Vulnerability
Tsmim Lessons Library Script "page" SQL Injection Vulnerability
enkai Unspecified Cross-Site Scripting Vulnerability
WordPress WP-PostRatings Plugin "[ratings]" Shortcode SQL Injection Vulnerability
Achievo Multiple Vulnerabilities
spidaNews "id" SQL Injection Vulnerability
Novell Identity Manager Cross-Site Scripting Vulnerabilities
WordPress WP-Polls Plugin "[poll]" Shortcode SQL Injection Vulnerability
MH Products Pay Pal Shop Digital "ItemID" SQL Injection Vulnerability
MH Products MHP Downloadshop "ItemID" SQL Injection Vulnerability
MH Products Projekt Shop "ts" SQL Injection Vulnerability
MH Products Easy Online Shop "kat" SQL Injection Vulnerability
Parallels Plesk Panel Cross-Site Scripting and SQL Injection Vulnerabilities
Traq Multiple Cross Site Scripting and SQL Injection Vulnerabilities
Magtrb MyNews Multiple Vulnerabilities
TYPO3 dev/null robots.txt Extension SQL Injection Vulnerability
TYPO3 RTG Files Extension SQL Injection Vulnerability
Ayco Shop Multiple SQL Injection Vulnerabilities
Cacti Cross-Site Scripting and SQL Injection Vulnerabilities
Vlinks "id" SQL Injection Vulnerability
CMS Faethon Cross-Site Scripting and SQL Injection
Joomla! JSupport Component Script Insertion and SQL Injection Vulnerabilities
OneOrZero AIMS Multiple Vulnerabilities
phpList Multiple Vulnerabilities
OneCMS Multiple Vulnerabilities
Ayco Emlak Multiple SQL Injection Vulnerabilities
Car Portal Multiple Vulnerabilities
Ayco Resim Galeri "catid" SQL Injection Vulnerability
WordPress Count Per Day Plugin "month" SQL Injection Vulnerability
Mercator Sentinel SQL Injection Vulnerability
Papoo Light Cross-Site Scripting Vulnerability
WordPress Auctions Plugin "wpa_id" SQL Injection Vulnerabilities
TYPO3 Cache Flooding Denial of Service and SQL Injection Vulnerabilities
Support Incident Tracker Multiple Vulnerabilities
MyAuth "pass" SQL Injection Vulnerability
WordPress WP Forum Server Plugin Multiple SQL Injection Vulnerabilities
MYRE Real Estate Software Multiple Vulnerabilities
LightNEasy "page" and "id" SQL Injection Vulnerabilities
TYPO3 Direct Mail Subscription Extension Two Vulnerabilities
WordPress WP-Filebase Plugin "base" SQL Injection Vulnerability
WordPress Photoracer Plugin Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Joomla! Flip Wall Component "catid" SQL Injection Vulnerability
WordPress MM Forms Community Parameter Key SQL Injection Vulnerability
WordPress Event Registration Plugin Two SQL Injection Vulnerabilities
Joomla! Sponsor Wall Component "catid" SQL Injection Vulnerability
WordPress Link Library Plugin "id" Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress Community Events Plugin "id" Cross-Site Scripting and SQL Injection Vulnerabilities
WordPress KNR Author List Plugin Two SQL Injection Vulnerabilities
Advanced Image Hosting Cross-Site Scripting and SQL Injection Vulnerabilities
EasyGallery SQL Injection and Cross-Site Scripting Vulnerabilities
WordPress Js-appointment Plugin "cat" SQL Injection Vulnerability
WordPress Donation Plugin "did" SQL Injection Vulnerability
WordPress SH Slideshow Plugin "id" SQL Injection Vulnerability
WordPress Image Gallery with Slideshow Plugin SQL Injection and Arbitrary File Upload
WordPress Event Registration Plugin Two SQL Injection Vulnerabilities
Joomla! Sponsor Wall Component "catid" SQL Injection Vulnerability
Advanced Image Hosting Cross-Site Scripting and SQL Injection Vulnerabilities
SAP NetWeaver MailExamples Module Cross Site Scripting Vulnerability
Moodle Multiple Remote SQL Injection and Security Bypass Vulnerabilities
vBulletin Search UI Data Processing Remote SQL Injection Vulnerability
WordPress Unauthorized Access and Multiple Unspecified Vulnerabilities
GroupOffice Data Processing Multiple Remote SQL Injection Vulnerabilities
Apache Archiva Cross Site Scripting and Request Forgery Vulnerabilities
phpMyAdmin for TYPO3 Cross Site Scripting and URL Redirection
Debian Security Update Fixes Doctrine Remote SQL Injection Vulnerability
Debian Security Update Fixes Request Tracker Multiple Vulnerabilities
MyBB Remote SQL Injection and Cross Site Request Forgery Vulnerabilities
Joomla SQL Injection and Multiple Information Disclosure Vulnerabilities
CA Total Defense Remote Code Execution and SQL Injection Vulnerabilities
Cacti Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Andy PHP Knowledgebase "pdfa" Parameter SQL Injection Vulnerability
Joomla Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Debian Security Update Fixes DTC Multiple SQL Injection Vulnerabilities
PyWebDAV Data Processing Multiple SQL Injection Vulnerabilities
IBM Tivoli Netcool/OMNIbus Web GUI Remote SQL Injection Vulnerability
Symantec Web Gateway "USERNAME" SQL Injection Vulnerability
GALLARIFIC "id" Parameter Remote SQL Injection Vulnerability
TECHNOTE "category" Parameter Remote SQL Injection Vulnerability
Sahana Agasti "sel" Parameter Remote SQL Injection Vulnerability
YPNinc Realty Classifieds "id" Parameter Remote SQL Injection Vulnerability
Built2Go PHP Shopping "cat" Parameter Remote SQL Injection Vulnerability
TYPO3 Code Execution and Multiple Cross Site Scripting Vulnerabilities
Movable Type SQL Injection and Cross Site Scripting Vulnerabilities
WordPress "do_trackbacks()" SQL Injection Information Disclosure Issue
Jurpopage "category" Parameter Remote SQL Injection Vulnerability
IBM WebSphere Commerce Organization Admin Console SQL Injection
Joomla! Multiple Remote SQL Injection and Information Disclosure
Symantec IM Manager Administration Console SQL Injection Vulnerabilities
e107 Data Processing Multiple Remote SQL Injection Vulnerabilities
ndCMS "indx" Parameter Remote SQL Injection Vulnerability
PBBoard Multiple SQL Injection and Cross Site Scripting Vulnerabilities
FreePBX Administrative Interface Multiple SQL Injection Vulnerabilities
Powermail for TYPO3 SQL Injection and Cross Site Scripting Vulnerabilities
Primitive CMS "cms_write.php" Security Bypass and SQL Injection
ibPhotohost "img" Parameter Remote SQL Injection Vulnerability
BoutikOne "page" Parameter Remote SQL Injection Vulnerability
Fashione E-Commerce Webshop Multiple SQL Injection Vulnerabilities
JGen for Joomla "id" Parameter Remote SQL Injection Vulnerability
Aardvertiser for Joomla "cat_name" SQL Injection Vulnerability
DMXReady Polling Booth Manager "QuestionID" SQL Injection Vulnerability
Clantools for Joomla Two Parameter SQL Injection Vulnerabilities
Clantools for Joomla "squad" Parameter SQL Injection Vulnerability
chillyCMS Username Processing SQL Injection and Cross Site Scripting
A-Blog "words" Parameter Handling Remote SQL Injection Vulnerability
Debian Security Update Fixes smbind SQL Injection Vulnerability
Web Ideas Web Shop "page" and "ps_session" SQL Injection Issues
JE FAQ Pro for Joomla "catid" Remote SQL Injection Vulnerability
sX-Shop "id" Parameter Remote SQL Injection Vulnerabilities
BXR Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Area Galid "galid" Parameter Remote SQL Injection Vulnerability
BosDev BosClassifieds "cat_id" Parameter SQL Injection Vulnerability
Spielothek for Joomla Multiple Parameter SQL Injection Vulnerabilities
Concept E-commerce "id" Parameter SQL Injection Vulnerabilities
TYPO3 Code Execution and Cross Site Scripting Vulnerabilities
MC Content Manager SQL Injection and Cross Site Scripting Vulnerabilities
ZeeAdbox "bnnnerid" Parameter Remote SQL Injection Vulnerability
Joomdle for Joomla "course_id" Remote SQL Injection Vulnerability
Joomla! Multiple Cross Site Scripting and SQL Injection Vulnerabilities
XAOS CMS "m" Parameter Remote SQL Injection Vulnerability
Ballettin Forum Multiple Parameter SQL Injection Vulnerabilities
CMS Ignition "shopMGID" Parameter Remote SQL Injection Vulnerability
Caner Hikaye Script "id" Parameter Remote SQL Injection Vulnerability
Omnistar Drive Management System Cross Site Scripting Vulnerability
MyWebFTP "mwh" Parameter Remote SQL Injection Vulnerability
Kayako eSupport "newsid" Parameter SQL Injection Vulnerability
BrotherScripts Scripts Directory "id" Parameter SQL Injection Vulnerability
I-Net Enquiry Management Script "id" SQL Injection Vulnerability
CMSQLite Multiple SQL Injection and Cross Site Scripting Vulnerabilities
My Kazaam Address and Contact Organizer SQL Injection Vulnerability
Gallery Plugin for EQdkp-Plus "pid" SQL Injection Vulnerability
Edge PHP Clickbank Affiliate Marketplace Script SQL Injection Issue
MyHome for Joomla "nidimm" Parameter SQL Injection Vulnerability
redSHOP for Joomla "pid" Parameter SQL Injection Vulnerability
Softbiz PHP Shopping Cart Software "cid" SQL Injection Vulnerability
Zylone IT Multiple Parameter Remote SQL Injection Vulnerabilities
Uphotogallery "img_id" Parameter Remote SQL Injection Vulnerability
KMSoft Guestbook "p" Parameter Remote SQL Injection Vulnerability
a2z NetSolutions CMS Multiple Parameter SQL Injection Vulnerabilities
Sijio Community Software SQL Injection and Cross Site Scripting Issues
HostFriendz Pre Hospital Management System SQL Injection Vulnerabilities
BPowerHouse BPAutosales "aid" Remote SQL Injection Vulnerability
Tandis CMS "cpage" Parameter Remote SQL Injection Vulnerability
BrotherScripts Auction "id" Parameter SQL Injection Vulnerability
BrotherScripts Auto Classifieds "id" SQL Injection Vulnerability
BrotherScripts Business Directory "id" SQL Injection Vulnerability
BrotherScripts Events Directory "id" SQL Injection Vulnerability
RightInPoint Lyrics V3 engine "artist_id" SQL Injection Vulnerability
Pre Multi-Vendor Shopping Malls "username" SQL Injection Vulnerability
AutarTimonial for Joomla "limit" Remote SQL Injection Vulnerability
NeoRecruit for Joomla "Itemid" Remote SQL Injection Vulnerability
Sandbox SQL Injection and Arbitrary File Upload Vulnerabilities
MooreAdvice Multiple Parameter Remote SQL Injection Vulnerabilities
Giga Nepal CMS "id" and "pgid" Remote SQL Injection Vulnerabilities
eSmart-vision "id" Parameter Remote SQL Injection Vulnerability
Asidus WebWizard "page_id" and "site_id" SQL Injection Vulnerabilities
BrotherScripts Recipe Website Remote SQL Injection Vulnerabilities
BrotherScripts Business Directory Remote SQL Injection Vulnerabilities
BrotherScripts Auto Classifieds "id" Remote SQL Injection Vulnerability
BookLibrary From Same Author for Joomla SQL Injection Vulnerability
Studiomenozzi CMS Multiple Remote SQL Injection Vulnerabilities
WikiWebHelp "id" Parameter Remote SQL Injection Vulnerability
AddressBook for Joomla "Itemid" Remote SQL Injection Vulnerability
Esoftpro Online Contact Manager "id" SQL Injection Vulnerability
Esoftpro Online Photo Pro SQL Injection and Cross Site Scripting Issues
Esoftpro Online Guestbook Pro SQL Injection and Cross Site Scripting
TCW PHP Album SQL Injection and Cross Site Scripting Vulnerability
phpaaCMS "id" Parameter Remote SQL Injection Vulnerabilities
iScripts MultiCart "orderid" Parameter Remote SQL Injection Vulnerability
Ziggurat Farsi CMS "grp" Parameter Remote SQL Injection Vulnerability
Setiran CMS "id" Parameter Remote SQL Injection Vulnerability
Specialist Bed and Breakfast website SQL Injection Vulnerability
Golf Club Site "pp_id" Parameter Remote SQL Injection Vulnerability
TaskFreak SQL Injection and Cross Site Scripting Vulnerabilities
PHP Bible Search "chapter" Parameter SQL Injection Vulnerability
WebDM CMS "cf_id" Parameter Remote SQL Injection Vulnerability
PageDirector CMS "sub_catid" Remote SQL Injection Vulnerability
YPNinc PHP Realty Script "docID" Remote SQL Injection Vulnerability
YPNinc JokeScript "ypncat_id" Remote SQL Injection Vulnerability
MySpace Clone 2010 "mode" Remote SQL Injection Vulnerability
Clix N Cash Clone 2010 "view" Remote SQL Injection Vulnerability
PageDirector CMS "id" Parameter Remote SQL Injection Vulnerability
PTCPay GeN4 "upg" Parameter Remote SQL Injection Vulnerability
i-Net Solution Online Community "id" Remote SQL Injection Vulnerability
Grafik CMS Multiple SQL Injection and Cross Site Scripting Vulnerabilities
OneCMS Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Swoopo Clone 2010 "id" Parameter Remote SQL Injection Vulnerability
i-Net Solution Job Search Engine Script "keyword" SQL Injection Issue
2daybiz Photo Sharing Script "img" Remote SQL Injection Vulnerability
2daybiz Advanced Poll Script "category" SQL Injection Vulnerability
2daybiz Freelance script "cate" Remote SQL Injection Vulnerability
2daybiz Matrimonial Script "complexion" SQL Injection Vulnerability
Clicker CMS "lang" Parameter Remote SQL Injection Vulnerability
2daybiz B2B Portal Script "cat_id" Remote SQL Injection Vulnerability
2daybiz custom T-shirt design Multiple SQL Injection Vulnerabilities
2daybiz Online Classified Script "cid" SQL Injection Vulnerability
getaphpsite Job Search "topic" Remote SQL Injection Vulnerability
2daybiz Video Community Portal "videoid" Cross Site Scripting Issue
getaphpsite Webring Script "cat" Remote SQL Injection Vulnerability
getaphpsite Top Sites Script "cat" Remote SQL Injection Vulnerability
2daybiz Social Community Script SQL Injection Vulnerabilities
2daybiz Job Search Engine Script "keyword" SQL Injection Vulnerability
YBG Gallery for Joomla "catid" Parameter SQL Injection Vulnerability
Cornerstone CMS "id" Parameter Remote SQL Injection Vulnerability
Pre Multi-Vendor Shopping Malls "prodid" SQL Injection Vulnerability
BoatScripts Classifieds "ID" Parameter Remote SQL Injection Vulnerability
PHP E-Mall "id" Parameter Remote SQL Injection Vulnerability
Easybe Music Store "AlbumID" Remote SQL Injection Vulnerability
Gcms "lang" Parameter Remote SQL Injection Vulnerability
Alpin CMS "id" Parameter Remote SQL Injection Vulnerabilities
Elite Gaming Ladders "ladder[id]" Remote SQL Injection Vulnerability
Kubelance "id" Parameter Remote SQL Injection Vulnerability
PHP-Calendar Multiple SQL Injection and Cross Site Scripting Issues
eWebquiz "QuizType" Parameter Remote SQL Injection Vulnerability
Smart ASP Survey "catid" Parameter SQL Injection Vulnerability
SAS Hotel Management System "notfound" SQL Injection Vulnerability
Webvolume Business Classified Listing "typeID" SQL Injection Vulnerability
Webvolume Restaurant Listing "typeID" SQL Injection Vulnerability
Acuity CMS "page" Parameter Remote SQL Injection Vulnerability
buymyscripts.net Daily Inspirational Quotes Script SQL Injection Issue
buymyscripts.net Joke Website Script "keyword" SQL Injection Vulnerability
buymyscripts.net e-Book Store "keyword" SQL Injection Vulnerability
buymyscripts.net Membership Site Script "id" SQL Injection Vulnerability
buymyscripts.net Lyrics Script Multiple SQL Injection Vulnerabilities
UTStats SQL Injection and Cross Site Scripting Vulnerabilities
Digital Interchange Calendar "intDivisionID" SQL Injection Vulnerability
Real-time ASP Calendar "dt" Parameter SQL Injection Vulnerability
Eyeland Studio "id" Parameter Remote SQL Injection Vulnerabilities
Digital Interchange Document Library SQL Injection Vulnerability
BrightSuite Groupware "ContactID" Parameter SQL Injection Vulnerability
Infront "newsid" Parameter Remote SQL Injection Vulnerability
BDSMIS TraX "catid" Parameter Remote SQL Injection Vulnerability
PHP Planner SQL Injection and Cross Site Scripting Issues
E-Php B2B Marketplace SQL Injection and Cross Site Scripting Issues
Site para Restaurante - Chef - Gastronomia SQL Injection and Inclusion
Development Site Professional Liberal SQL Injection Vulnerability
Site to Store Automobile - Motorcycle - Boat SQL Injection Vulnerability
Site for Real Estate "imovelfor_id" and "id" SQL Injection Vulnerabilities
Yamamah "download" Parameter Remote File Download Vulnerability
Science Fair In A Box "type" Parameter SQL Injection Vulnerability
Pre Web Host "q" Parameter Remote SQL Injection Vulnerability
Hotel / Resort Site Script "cat_id" Parameter SQL Injection Vulnerability
EMO Realty Manager "cat1" Parameter SQL Injection Vulnerability
EasyJobPortal SQL Injection and Cross Site Scripting Vulnerabilities
EasyCarPortal "current_page" Remote SQL Injection Vulnerability
EasyPhotoStore "search_keywords" Remote SQL Injection Vulnerability
EasyEstateManager "current_page" Remote SQL Injection Vulnerability
Script Market Place "sf_id" Parameter Remote SQL Injection Vulnerability
binarydrive "id" Parameter Remote SQL Injection Vulnerability
Article Publisher Pro "art_id" Parameter SQL Injection Vulnerability
CommonSense CMS "article_id" Parameter SQL Injection Vulnerability
DJ-ArtGallery for Joomla "cid" Parameter Cross Site Scripting Vulnerability
e2eTech Design "id" Parameter Multiple SQL Injection Vulnerabilities
WmsCMS Multiple SQL Injection and Cross Site Scripting Vulnerabilities
iScripts eSwap SQL Injection and Cross Site Scripting Vulnerabilities
iScripts EasyBiller "planid" Parameter Remote SQL Injection Vulnerability
PHP Car Rental Script "id" Parameter Remote SQL Injection Vulnerability
IdevSpot TextAds "page" Parameter Remote SQL Injection Vulnerability
ReVou SQL Injection and Cross Site Scripting Vulnerabilities
Sar News for Joomla "id" Parameter Remote SQL Injection Vulnerability
Chocky Soft 2005 "numb" Parameter Remote SQL Injection Vulnerability
Ticimax E-Ticaret "id" Parameter Remote SQL Injection Vulnerabilities
Ecomat CMS SQL Injection and Cross Site Scripting Vulnerabilities
JS Jobs for Joomla "cid" Parameter Remote SQL Injection Vulnerability
wsCMS "id" and "cid" Parameters Remote SQL Injection Vulnerabilities
MusicBox "id" and "start" Remote SQL Injection Vulnerabilities
ImpressPages CMS Multiple Remote SQL Injection Vulnerabilities
Speedy-Shop "idp" Parameter Remote SQL Injection Vulnerability
ArtDesign CMS "id" Parameter Remote SQL Injection Vulnerability
Creato Script "id" Parameter Remote SQL Injection Vulnerability
Nucleus Plugin NP_Gallery File inclusion and SQL Injection Vulnerabilities
Cosmos Solutions cms Remote SQL Injection Vulnerabilities
Webiz "prID" Parameter Remote SQL Injection Vulnerability
Realtor Real Estate Agent "idnews" and "idproperty" SQL Injection
Realtor Web Site System E-Commerce "idfestival" SQL Injection Issues
BF Quiz Component for Joomla "catid" SQL Injection Vulnerability
My Car for Joomla SQL Injection and Cross Site Scripting Vulnerabilities
JE Poll Component for Joomla "pollid" SQL Injection Vulnerability
JE Job Component for Joomla "catid" SQL Injection Vulnerability
Zabbix "nav_time" Parameter Remote SQL Injection Vulnerability
Cacti Multiple Parameter SQL and Command Injection Vulnerabilities
iceberg CMS "p_id" Parameter Remote SQL Injection Vulnerability
I-Vision CMS SQL Injection and Cross Site Scripting Vulnerabilities
Camp Component for Joomla "cid" Remote SQL Injection Vulnerability
phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities
e-webtech "id" Parameter Handling Remote SQL Injection Vulnerability
tekno.Portal "id" Parameter Remote SQL Injection Vulnerabilities
Netvidade "id" Parameter Remote SQL Injection Vulnerabilities
eFront "chatrooms_ID" Parameter Remote SQL Injection Vulnerability
Clicksor "id" Parameter Handling Remote SQL Injection Vulnerability
SmartCMS "pageid" and "lang" Remote SQL Injection Vulnerabilities
ClanTiger "s_email" Parameter Remote SQL Injection Vulnerability
ClanSphere Captcha Generator and MySQL Driver SQL Injection Issues
Campsite "article_id" Parameter Remote SQL Injection Vulnerability
NolaPro Multiple Cross Site Scripting and SQL Injection Vulnerabilities
1024 CMS SQL Injection and Multiple Cross Site Scripting Vulnerabilities
GeneShop "folder" Parameter Remote SQL Injection Vulnerability
Modelbook "adnum" Parameter Remote SQL Injection Vulnerability
PHP Video Battle "cat" Parameter Remote SQL Injection Vulnerability
2daybiz Auction Script "username" Remote SQL Injection Vulnerability
Infocus Real Estate Login Credentials Remote SQL Injection Vulnerability
PHP-Quick-Arcade SQL Injection and Cross Site Scripting Vulnerabilities
CLScript Classifieds Script "hpId" Remote SQL Injection Vulnerability
Airiny ABC for Joomla "sectionid" Remote SQL Injection Vulnerability
Uiga Personal Portal "exhort" Parameter SQL Injection Vulnerability
CMScout "album" Parameter Remote SQL Injection Vulnerability
Debian Security Update Fixes Cacti SQL Injection Vulnerability
ATutor "course" Parameter Remote SQL Injection Vulnerability
Karra Multiple SQL Injection and Cross Site Scripting Vulnerabilities
FuturCMS SQL Injection and Multiple Cross Site Scripting Vulnerabilities
Ebay Clone Script SQL Injection and Cross Site Scripting Vulnerabilities
GBU Facebook "face_id" Remote SQL Injection Vulnerability
CMS Ariadna "tipodoc_id" Parameter Remote SQL Injection Vulnerability
dl_stats Remote SQL Injection and Cross Site Scripting Vulnerabilities
WebAsyst Shop-Script FREE File Inclusion and SQL Injection Issues
jdrugstopics Component for Joomla "id" SQL Injection Vulnerability
Mahara Security Update Fixes SQL Injection and Security Bypass Issues
ilchClan "cid" Parameter Remote SQL Injection Vulnerability
Zabbix "user" Parameter Handling Remote SQL Injection Vulnerability
Jewelry Cart "disproid" Parameter Remote SQL Injection Vulnerability
4xcms "user" Parameter Processing Remote SQL Injection Vulnerability
Gift Exchange for Joomla "pkg" Parameter SQL Injection Vulnerability
Pay Per Watch & Bid Auktions System "id_auk" SQL Injection Vulnerability
Domain Verkaus and Auktions Portal "id" SQL Injection Vulnerability
PhpMyLogon "username" Parameter Remote SQL Injection Vulnerability
Azeno CMS "id" Parameter Remote SQL Injection Vulnerability
Geekhelps ADMP SQL Injection and Local File Inclusion Vulnerabilities
Scriptsfeed Dating Software Remote SQL Injection Vulnerabilities
phpMySite Remote SQL Injection and Cross Site Scripting Vulnerabilities
Blax Blog "kadi" and "sifre" Remote SQL Injection Vulnerabilities
Baykus Yemek Tarifleri Multiple Remote SQL Injection Vulnerabilities
Uiga Personal Portal "id" Parameter Remote SQL Injection Vulnerability
Uiga FanClub "id" Parameter Remote SQL Injection Vulnerability
Galerie Dezign-Box File Upload and SQL Injection Vulnerabilities
Arab Cart "id" SQL Injection and Cross Site Scripting Vulnerability
Article Friendly "username" and "password" SQL Injection Vulnerability
Cisco Security Agent SQL Injection and Directory Traversal Vulnerabilities
Debian Security Update Fixes OTRS SQL Injection Vulnerabilities
Productbook for Joomla "id" Remote SQL Injection Vulnerability
Belkatalog CMS "lnk" Parameter Remote SQL Injection Vulnerability
Rostermain "userid" and "password" SQL Injection Vulnerabilities
Uiga Business Portal SQL Injection and Cross Site Scripting Issues
LedgerSMB SQL Injection and Cross Site Scripting Vulnerabilities
OCS Inventory NG SQL Injection and Cross Site Scripting Vulnerabilities
Debian Security Update Fixes phpGroupWare Multiple Vulnerabilities
TYPO3 Extensions SQL Injection and Cross Site Scripting Vulnerabilities
Novell ZENworks Asset Management SQL Injection Vulnerability
jProjects for Joomla "project" Remote SQL Injection Vulnerability
jEmbed-Embed Anything for Joomla "catid" SQL Injection Vulnerability
LineWeb Remote SQL Injection and Local File Inclusion Vulnerabilities
ImagoScripts Deviant Art Clone "seid" Remote SQL Injection Vulnerability
WorldPay Script Shop "id" Parameter SQL Injection Vulnerability
XOOPS Remote SQL Injection and Cross Site Scripting Vulnerabilities
TPJobs for Joomla "id_c" Parameter Remote SQL Injection Vulnerability
HotBrackets for Joomla "id" Parameter SQL Injection Vulnerability
MasterWeb "newsID" Parameter Remote SQL Injection Vulnerability
Joomla Bridge of Hope Template "id" SQL Injection Vulnerability
Doqment Component for Joomla "cid" SQL Injection Vulnerability
Otzivi Component for Joomla "Itemid" SQL Injection Vulnerability
Portal ModulNet "id" Parameter Remote SQL Injection Vulnerability
Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability
Smart Vision Script News "id" Remote SQL Injection Vulnerability
Elite Gaming Ladders "account" Remote SQL Injection Vulnerability
SQL-Ledger Multiple SQL Injection and Cross Site Scripting Vulnerabilities
TYPO3 Extensions Multiple SQL Injection and Cross Site Scripting Issues
B2C Booking Centre System Remote SQL Injection Vulnerability
SpireCMS "alb_id" Parameter Remote SQL Injection Vulnerability
Ele Medios CMS "notiId" Parameter Remote SQL Injection Vulnerability
TestLink Multiple Remote SQL Injection and Cross Site Scripting
Invision Power Board SQL Injection and Local Inclusion Vulnerabilities
Moodle Multiple Input Validation and Security Bypass Vulnerabilities
Vivid Ads Shopping Cart "prodid" Remote SQL Injection Vulnerability
Taxonomy Timer Module for Drupal Remote SQL Injection Vulnerability
TYPO3 Extensions Multiple SQL Injection and Cross Site Scripting Issues
CubeCart "productId" Parameter Remote SQL Injection Vulnerability
FrontAccounting Multiple Remote SQL Injection Vulnerabilities
Super Serious Stats "uid" Parameter Remote SQL Injection Vulnerability
eoCMS "id" and "page" Parameters SQL Injection Vulnerabilities
PSArt "id" Parameter Remote SQL Injection Vulnerability
Attachment Module for PunBB "secure_str" SQL Injection Vulnerability
Basic Analysis and Security Engine Multiple Remote Vulnerabilities
ComicMaster Unspecified Remote SQL Injection Vulnerability
Nebula3 Remote SQL Injection and Cross Site Scripting Vulnerabilities
urlShort Remote SQL Injection and Cross Site Scripting Vulnerabilities
Tin Can Jukebox Unspecified Remote SQL Injection Vulnerability
RunCms "pid" and "forum" Parameters SQL Injection Vulnerabilities
TYPO3 Multiple Code Injection and Information Disclosure Vulnerabilities
Moodle Course List for Drupal Unspecified SQL Injection Vulnerability
phpMyAdmin for TYPO3 SQL Injection and Cross Site Scripting Issues
Flagbit Filebase for TYPO3 Unspecified SQL Injection Vulnerability
phpMyAdmin SQL Injection and Cross Site Scripting Vulnerabilities
BPowerhouse BPHolidayLettings "tid" Remote SQL Injection Vulnerability
BPowerhouse BPAutoSales "aid" Remote SQL Injection Vulnerability
BPowerhouse BPGames "cat_id" and "game_id" SQL Injection Issues
BPowerhouse BPStudent "test" Parameter SQL Injection Vulnerability
BPowerhouse BPMusic "music_id" Parameter SQL Injection Vulnerability
HBcms "article_id" Parameter Handling SQL Injection Vulnerability
Vastal I-Tech Agent Zone "id" Parameter SQL Injection Vulnerability
Alibaba Clone "id" Parameter Remote SQL Injection Vulnerability
SportFusion for Joomla "cid[0]" Remote SQL Injection Vulnerability
Vastal I-Tech DVD Zone "mag_id" Remote SQL Injection Vulnerability
BPowerHouse BPLawyerCaseDocument "cat" SQL Injection Vulnerability
Facebook for Joomla "id" Parameter Remote SQL Injection Vulnerability
Tupinambis for Joomla "proyecto" Remote SQL Injection Vulnerability
Survey Manager for Joomla "stype" Remote SQL Injection Vulnerability
FanUpdate "listingid" Parameter Remote SQL Injection Vulnerability
Zainu "album_id" Parameter Remote SQL Injection Vulnerability
Novell GroupWise "User.Theme.index" Cross Site Scripting Vulnerability
Elite Gaming Ladders "platform" Remote SQL Injection Vulnerability
jLord RSS Feed Creator for Joomla "id" SQL Injection Vulnerability
Foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability
AdsDX "loginname" Parameter Remote SQL Injection Vulnerability
PHP Pro Bid "auction_id" Parameter Remote SQL Injection Vulnerability
AlphaUserPoints for Joomla "username2points" SQL Injection Vulnerability
Bugzilla SQL Injection and Information Disclosure Vulnerabilities
Hestar for Mambo "id" Parameter Remote SQL Injection Vulnerability
Joomloc for Joomla "id" Remote SQL Injection Vulnerability
Model Agency Manager "user_id" Remote SQL Injection Vulnerability
TPDugg for Joomla "id" Parameter Remote SQL Injection Vulnerability
PHP Live! "deptid" Parameter Remote SQL Injection Vulnerability
Discuz! Plugin JiangHu "id" Parameter SQL Injection Vulnerability
Game Server for Joomla "id" Parameter SQL Injection Vulnerability
Art Portal for Joomla "portalid" Remote SQL Injection Vulnerability
Mybuxscript PTC-BUX "id" Parameter SQL Injection Vulnerability
BandCMS "year" and "id" Parameters SQL Injection Vulnerabilities
Modern Script "s" Parameter Remote SQL Injection Vulnerability
Interactivefx.ie CMS "id" and "login" SQL Injection Vulnerabilities
JBoard Multiple SQL Injection and Cross Site Scripting Vulnerabilities
LiveStreet Comments Processing Cross Site Scripting Vulnerability
Download System mSF For PHP-Fusion "view_id" SQL Injection Issue
DreamCost Multiple File Inclusion and SQL Injection Vulnerabilities
Silurus System "ID" Parameter Handling SQL Injection Vulnerability
Danneo CMS "comtitle" Parameter Remote SQL Injection Vulnerability
Uiga Church Portal "year" Parameter Remote SQL Injection Vulnerability
DigiFolio for Joomla "id" Parameter Remote SQL Injection Vulnerability
RASH Quote Management System (RQMS) SQL Injection Vulnerability
Pirates of The Caribbean "y" and "x" Remote SQL Injection Vulnerability
Allomani 2007 "cat" Parameter Parameter SQL Injection Vulnerability
PAD Site Scripts SQL Injection and Cross Site Scripting Vulnerabilities
Open Auto Classifieds File Upload and SQL Injection Vulnerabilities
Discuz! Plugin Crazy Star "fmid" Parameter SQL Injection Vulnerability
TotalCalendar SQL Injection and Local File Inclusion Vulnerabilities
EMO Breader Manager "idd" Parameter SQL Injection Vulnerability
IP.Board "search.php" and "lostpass.php" SQL Injection Vulnerabilities
TYPO3 Multiple Extensions Remote SQL Injection Vulnerabilities
T3M E-Mail Marketing Tool for TYPO3 SQL Injection Vulnerability
Turnkey Arcade Script "sid" Parameter Remote SQL Injection Vulnerability
Siirler for Joomla "sid" Parameter Remote SQL Injection Vulnerability
NinjaMonials for Joomla "testimID" Remote SQL Injection Vulnerability
jTips for Joomla "season" Parameter Remote SQL Injection Vulnerability
ITechBids "productid" Parameter Remote SQL Injection Vulnerability
humanCMS Username and Password Remote SQL Injection Vulnerability
PHP Dir Submit "aid" Parameter Remote SQL Injection Vulnerability
Moa Gallery "gallery_id" Parameter Remote SQL Injection Vulnerability
Ed Charkow Supercharged Linking "id" SQL Injection Vulnerability
Infinity Remote File Disclosure and Remote SQL Injection Vulnerabilities
CMS Aspect Web Design "ProductID" Remote SQL Injection Vulnerability
Fedora Security Update Fixes OCS Inventory SQL Injection Vulnerability
Portel 2008 "patron" Parameter Remote SQL Injection Vulnerability
OpenNews "username" Parameter Remote SQL Injection Vulnerability
Irokez CMS "id" Parameter Handling Remote SQL Injection Vulnerability
ShopMaker Remote SQL Injection and Local File Inclusion Vulnerabilities
MOC Designs PHP News Remote SQL Injection Vulnerability
PPScript (PaymentProcessorScript) "cid" SQL Injection Vulnerability
Discloser "more" Parameter Remote SQL Injection Vulnerability
Multi Website "Browse" Parameter Remote SQL Injection Vulnerability
Elvin SQL Injection and Multiple Cross Site Scripting Vulnerabilities
Questions Answered "username" Remote SQL Injection Vulnerability
SimpleLoginSys "username" Remote SQL Injection Vulnerability
TT Web Site Manager "tt_name" Remote SQL Injection Vulnerability
Ajax Short URL Script "username" Remote SQL Injection Vulnerability
AW-BannerAd "User" and "Password" SQL Injection Vulnerability
Allomani Movies and Clips "username" Remote SQL Injection Vulnerability
Allomani Songs and Clips "username" Remote SQL Injection Vulnerability
Allomani Mobile "username" Remote SQL Injection Vulnerability
Inout Adserver "id" Parameter Remote SQL Injection Vulnerability
Super Mod System "s" Parameter Remote SQL Injection Vulnerability
VS PANEL "Cat_ID" Parameter Remote SQL Injection Vulnerability
iWiccle Local File Inclusion and Remote SQL Injection Vulnerabilities
URA "cat" Parameter Handling Remote SQL Injection Vulnerability
Garage Sales "key" Parameter SQL Injection and Cross Site Scripting
Basilic "idAuthor" Processing Remote SQL Injection Vulnerability
Million Dollar Pixel Ads Platinum SQL Injection and Cross Site Scripting
Classified Linktrader "slctCategories" SQL Injection Vulnerability
Hutscripts SQL Injection and Cross Site Scripting Vulnerabilities
Shopping Cart Selling Script SQL Injection and Cross Site Scripting Issues
phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities
MCshoutbox SQL Injection and Arbitrary File Upload Vulnerabilities
100 last CVE   CVE-2018-7717
CVE-2018-17397
CVE-2018-17394
CVE-2018-17385
CVE-2018-17384
CVE-2018-17383
CVE-2018-17382
CVE-2018-17380
CVE-2018-17379
CVE-2018-17378
CVE-2018-17377
CVE-2018-17376
CVE-2018-17375
CVE-2017-9337
CVE-2017-9336
CVE-2017-8917
CVE-2017-6098
CVE-2017-6097
CVE-2017-6096
CVE-2017-6095
CVE-2017-2550
CVE-2017-2168
CVE-2017-18345
CVE-2017-17900
CVE-2017-17899
CVE-2017-17898
CVE-2017-17897
CVE-2017-15966
CVE-2017-15965
CVE-2017-1002022
CVE-2017-1002021
CVE-2017-1002020
CVE-2017-1002019
CVE-2017-1002018
CVE-2017-1002017
CVE-2016-8583
CVE-2016-8582
CVE-2016-8581
CVE-2016-8580
CVE-2016-6453
CVE-2016-5099
CVE-2016-5098
CVE-2016-5097
CVE-2016-4999
CVE-2016-3659
CVE-2016-3172
CVE-2016-1915
CVE-2016-1914
CVE-2016-1437
CVE-2016-10134
CVE-2016-1000271
CVE-2016-1000124
CVE-2016-0770
CVE-2016-0769
CVE-2016-0765
CVE-2015-8399
CVE-2015-8398
CVE-2015-8377
CVE-2015-8369
CVE-2015-7899
CVE-2015-7859
CVE-2015-7858
CVE-2015-7857
CVE-2015-7683
CVE-2015-7682
CVE-2015-7670
CVE-2015-7669
CVE-2015-7668
CVE-2015-7667
CVE-2015-7666
CVE-2015-7527
CVE-2015-7517
CVE-2015-7391
CVE-2015-7390
CVE-2015-7377
CVE-2015-7357
CVE-2015-7319
CVE-2015-7297
CVE-2015-6345
CVE-2015-6329
CVE-2015-6238
CVE-2015-5472
CVE-2015-5471
CVE-2015-5469
CVE-2015-5461
CVE-2015-4454
CVE-2015-4342
CVE-2015-4208
CVE-2015-4188
CVE-2015-4109
CVE-2015-4075
CVE-2015-4074
CVE-2015-4073
CVE-2015-4072
CVE-2015-4071
CVE-2015-3325
CVE-2015-3313
CVE-2015-3173
CVE-2015-2803
CVE-2015-2665


 
 
 
 
 Risk level 
Moderate