Total
17796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0350 | 1 Sme | 1 Filemailer | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already covered by CVE-2007-0346. | |||||
| CVE-2008-5337 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4766 | 1 O2php | 1 Oxygen Bulletin Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2082 | 1 Creative Web Solutions | 1 Multi-level Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in insidepage.php in Creative Web Solutions Multi-Level CMS 1.21 allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4353 | 1 Linkarity | 1 Linkarity | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in link.php in Linkarity allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: although one component of Linkarity is distributable PHP code, this issue might be site-specific. If so, it should not be included in CVE. | |||||
| CVE-2008-5582 | 1 Nukedit | 1 Nukedit | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2008-2673 | 1 Powie | 1 Pnews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the shownews parameter. | |||||
| CVE-2009-2232 | 1 Softbizscripts | 1 Banner Ad Management Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in Softbiz Banner Ad Management Script allows remote attackers to execute arbitrary SQL commands via the size_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-3495 | 1 Vastal | 1 Dvd Zone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. | |||||
| CVE-2007-6587 | 1 Plogger | 1 Plogger | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6338 | 1 Trivantis | 1 Coursemill Enterprise Learning Management System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5841 | 1 Igamingcms | 1 Igaming Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action. | |||||
| CVE-2008-0750 | 1 Husrev | 1 Blackboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2007-1026 | 1 Scriptdungeon | 1 Xlatunes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1513 | 1 Danneo | 1 Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | |||||
| CVE-2008-0675 | 1 The Everything Development Company | 1 The Everything Development Engine | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter. | |||||
| CVE-2008-7226 | 2 Php-nuke, Phpnuke | 2 Recipe Module, Php-nuke | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter. | |||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-6615 | 1 Zen-cart | 1 Zen Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | |||||