CWE-89

SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.

SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action.

SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.

SQL injection vulnerability in newuser.php in the alternate_profiles plugin, possibly 0.2, for e107 allows remote attackers to execute arbitrary SQL commands via the id parameter.

SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.