Explore CVEs related to SQL Injection vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.
Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.
You're viewing SQL Injection CVEs published in 2011. View full CVE list
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2010-5055 | SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 2.37% | 2011-11-22 | 2026-06-16 |
| CVE-2010-5053 | SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. | 7.5 | 2.09% | 2011-11-22 | 2026-06-16 |
| CVE-2010-5049 | SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter. | 7.5 | 1.24% | 2011-11-22 | 2026-06-16 |
| CVE-2010-5047 | SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 2.29% | 2011-11-22 | 2026-06-16 |
| CVE-2011-4066 | SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. | 7.5 | 1.67% | 2011-11-04 | 2026-06-16 |
| CVE-2011-3989 | SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 | 1.11% | 2011-11-04 | 2026-06-16 |
| CVE-2010-5044 | SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | 6.0 | 1.02% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5043 | SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | 6.0 | 0.92% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5041 | SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action. | 7.5 | 1.22% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5039 | SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information. | 7.5 | 1.05% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5037 | SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | 7.5 | 2.09% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5036 | SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 7.5 | 1.22% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5034 | SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter. | 7.5 | 1.22% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5033 | SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter. | 7.5 | 1.04% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5032 | SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | 7.5 | 1.73% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5029 | SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | 7.5 | 1.22% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5028 | SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | 7.5 | 9.25% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5026 | SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information. | 6.8 | 1.53% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5024 | SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information. | 6.0 | 1.01% | 2011-11-02 | 2026-06-16 |
| CVE-2010-5023 | SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | 7.5 | 1.22% | 2011-11-02 | 2026-06-16 |