Total
17805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4603 | 1 Igaming | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action. | |||||
| CVE-2009-3148 | 1 Portalxp | 1 Portalxp | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php. | |||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | |||||
| CVE-2008-1496 | 1 Peel | 1 Peel | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php. | |||||
| CVE-2008-6362 | 1 Ezonelink | 1 Multiple Membership Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4094 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer. | |||||
| CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | |||||
| CVE-2008-6203 | 1 Jakob-persson | 1 Cobalt | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1920 | 1 Smodbip | 1 Smodbip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php. | |||||
| CVE-2009-0384 | 1 Adam Tomecek | 1 Ownrs | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6656 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter. | |||||
| CVE-2008-5863 | 2 V-gn, Woltlab | 2 Userlocator, Burning Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user action. | |||||
| CVE-2008-6808 | 1 Scripts-for-sites | 1 Ez Link Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-6311 | 1 Butterflymedia | 1 Butterfly Organizer | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name. | |||||
| CVE-2008-3757 | 1 Yourfreeworld | 1 Forced Matrix Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0614 | 1 Photokorn | 1 Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | |||||
| CVE-2007-6127 | 1 Project Alumni | 1 Project Alumni | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. | |||||
| CVE-2008-3942 | 1 Ozsari | 1 Full Php Emlak Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0377 | 1 Joomla | 2 Com Beamospetition, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | |||||
| CVE-2009-2016 | 1 Virtuenetz | 1 Virtue Shopping Mall | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||