Total
17796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5293 | 1 Bdigital Web Solutions | 1 Webstudio Ehotel | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | |||||
| CVE-2009-2609 | 2 Amotools, Joomla | 2 Com Amocourse, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | |||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | |||||
| CVE-2007-3913 | 1 Gforge | 1 Gforge | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4350 | 1 Boldfx | 1 Arctic Issue Tracker | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the (1) matchings[id] or (2) matchings[title] parameters in a Login action to an unspecified program, or (3) the matchings[id] parameter in a search action to index.php, a different vector than CVE-2008-3250. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4091 | 1 Source Workshop | 1 Web Directory Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Web Directory Script 1.5.3 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | |||||
| CVE-2009-3042 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040. | |||||
| CVE-2008-0934 | 2 Nukec, Php-nuke | 2 Nukec, Nukec Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action. | |||||
| CVE-2009-3703 | 2 Fahlstad, Wordpress | 2 Wp-forum, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php. | |||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0922 | 1 Php-nuke | 1 Manuales | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | |||||
| CVE-2008-4701 | 1 Liberiacms | 1 Liberia Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0380 | 3 Joomla, Mambo-foundation, Sigsiu.net | 3 Joomla, Mambo, Sobi2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2 | |||||
| CVE-2007-5976 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter. | |||||
| CVE-2008-3213 | 1 Webcms | 1 Webcms Portal Edition | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter to portal/index.php in a tablon action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1425 | 1 Easy-clanpage | 1 Easy-clanpage | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action. | |||||
| CVE-2008-5973 | 1 Activewebsoftwares | 1 Active Web Mail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | |||||
| CVE-2009-3788 | 1 Opendocman | 1 Opendocman | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser (aka Username) parameter. | |||||
| CVE-2007-5449 | 1 Softbiz | 1 Recipes Portal Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | |||||