CVE List by Type: SQL Injection (Filtered by Published Year)

Explore CVEs related to SQL Injection vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.

Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.

You're viewing SQL Injection CVEs published in 2012. View full CVE list

Showing 4160 of 236 results
«« First « Prev Page 3 / 12 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2012-5333 SQL injection vulnerability in page.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.24% 2012-10-08 2026-06-16
CVE-2012-5328 Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php. 6.5 1.51% 2012-10-08 2026-06-16
CVE-2012-5327 Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) delete_usrgrp[] parameter in a delete_usergroups action, (2) usergroup parameter in an add_user_togroup action, or (3) add_forum_group_id parameter in an add_forum_submit action. 6.5 1.73% 2012-10-08 2026-06-16
CVE-2012-5317 SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action. 7.5 1.32% 2012-10-08 2026-06-16
CVE-2012-5313 SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter. 7.5 1.11% 2012-10-08 2026-06-16
CVE-2012-5312 SQL injection vulnerability in Tribiq CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. 7.5 1.11% 2012-10-08 2026-06-16
CVE-2012-5310 SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. 7.5 2.11% 2012-10-08 2026-06-16
CVE-2011-4638 Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the (2) bldomain, (3) wldomain, or (4) temid parameter to urls-x.php. 7.5 1.19% 2012-10-08 2026-06-16
CVE-2010-5063 SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter. 7.5 1.11% 2012-10-08 2026-06-16
CVE-2012-5300 SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.31% 2012-10-04 2026-06-16
CVE-2012-5297 SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.31% 2012-10-04 2026-06-16
CVE-2012-5294 SQL injection vulnerability in art_detalle.php in MyStore Xpress Tienda Virtual allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.12% 2012-10-04 2026-06-16
CVE-2011-5203 SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information. 7.5 1.24% 2012-10-04 2026-06-16
CVE-2012-5292 Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php. 7.5 1.11% 2012-10-04 2026-06-16
CVE-2012-5291 SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter. 7.5 1.12% 2012-10-04 2026-06-16
CVE-2012-5290 Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php. 7.5 1.23% 2012-10-04 2026-06-16
CVE-2012-5289 Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php. 7.5 1.31% 2012-10-04 2026-06-16
CVE-2012-5288 SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.11% 2012-10-04 2026-06-16
CVE-2012-1603 Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function. 7.5 1.45% 2012-10-01 2026-06-16
CVE-2012-5227 SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.11% 2012-10-01 2026-06-16
«« First « Prev Page 3 / 12 Next »
cvelogic Threat Intelligence