CWE-89

SQL injection vulnerability in index.php in WebStudio CMS allows remote attackers to execute arbitrary SQL commands via the pageid parameter.

SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter (username). NOTE: some of these details are obtained from third party information.

SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information.

SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execute arbitrary SQL commands via the ad_id parameter in the re_send_email module to index.php.