CWE-89

SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.

SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.

An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter.

SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter.

SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter.

SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /page_new.php.