CWE-89

SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter.

SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php.

SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter.

SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter.

SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.