Total
18012 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5191 | 1 Seportal | 1 Seportal | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
|
|||||
| CVE-2008-0565 | 1 Deltascripts | 1 Php Links | 2025-04-09 | 6.8 MEDIUM | N/A |
|
SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
|||||
| CVE-2008-5335 | 1 Php-fusion | 1 Php-fusion | 2025-04-09 | 6.8 MEDIUM | N/A |
|
SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, CVE-2005-3158, CVE-2005-3159, CVE-2005-4005, and CVE-2006-2459.
|
|||||
| CVE-2009-4576 | 2 Cmstactics, Joomla | 2 Com Beeheard, Joomla\! | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
|
|||||
| CVE-2008-2417 | 1 How2asp | 1 Webboard | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.
|
|||||
| CVE-2008-3153 | 1 Tritoncms | 1 Triton Cms Pro | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
|
|||||
| CVE-2007-6566 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
|
|||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
|||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.
|
|||||
| CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
|||||
| CVE-2008-1459 | 4 Joomla, Joomlaitalia, Mambo and 1 more | 4 Joomla, Com Alberghi, Mambo and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
|
|||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action.
|
|||||
| CVE-2009-2311 | 2 Selbstzweck, Woltlab | 2 Rgallery Plugin, Burning Board | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
|
|||||
| CVE-2009-0528 | 1 Rhadrix | 1 If-cms | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
|||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action.
|
|||||
| CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.
|
|||||
| CVE-2008-2651 | 1 Joomla | 1 Com Joobb | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the forum parameter in a forum action to index.php.
|
|||||
| CVE-2008-3266 | 1 Softacid | 1 Hotel Reservation System Multi | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter.
|
|||||
| CVE-2007-1154 | 1 Webspell | 1 Webspell | 2025-04-09 | 6.8 MEDIUM | N/A |
|
SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782.
|
|||||
| CVE-2008-5778 | 1 Flds Script | 1 Flds | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
|
|||||
| CVE-2007-6647 | 1 W-agora | 1 W-agora | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
|||||
| CVE-2008-5802 | 1 E-topbiz | 1 Online Store | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
|||||
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
|||||
| CVE-2008-5727 | 1 Netcat | 1 Netcat | 2025-04-09 | 6.8 MEDIUM | N/A |
|
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string.
|
|||||
| CVE-2008-0461 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-09 | 6.8 MEDIUM | N/A |
|
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-5088 | 1 Knowledgebase-script | 1 Phpkb Knowledge Base Software | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
|
|||||
| CVE-2009-1316 | 1 Abk-soft | 1 Ablespace | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php.
|
|||||
| CVE-2009-1410 | 1 Opensolution | 1 Quick.cms.lite | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
|||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425.
|
|||||
| CVE-2008-1177 | 1 Affiliate Market | 1 Affiliate Market | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
|||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
|||||
| CVE-2009-2567 | 2 Almondsoft, Joomla | 2 Almond Classifieds, Joomla\! | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
|||||
| CVE-2008-6458 | 2 Dieter Mayer, Typo3 | 2 Fe Address Edit, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
|||||
| CVE-2008-0770 | 1 Ibproarcade | 1 Ibproarcade | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter.
|
|||||
| CVE-2009-4206 | 1 Cmsnx | 1 Million Dollar Text Links | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
|||||
| CVE-2008-1869 | 1 Site Sift Media | 1 Site Sift Listings | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific.
|
|||||
| CVE-2008-6875 | 1 Humayun Shabbir Bhutta | 1 Asp Product Catalog | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
|
|||||
| CVE-2008-2301 | 1 Phpway | 1 Kostenloses Linkmanagementscript | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in Kostenloses Linkmanagementscript allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) top_view.php.
|
|||||
| CVE-2009-2423 | 1 Ebayclonescript | 1 Ebay Clone | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
|
|||||
| CVE-2008-1890 | 2 Azrul, Joomla | 2 Jom Comment, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||