Total
17809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3302 | 1 Tuxplanet | 1 Bilboblog | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter. | |||||
| CVE-2008-3512 | 1 Php Nuke | 1 Kleinanzeigen Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php. | |||||
| CVE-2007-4979 | 1 Kwsphp | 1 Kwsphp | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the sondages module in KwsPHP 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a results action, a different module than CVE-2007-4956.2. | |||||
| CVE-2007-6202 | 1 Neocrome | 1 Seditio | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php. | |||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | |||||
| CVE-2007-5951 | 1 E-vendejo | 1 0.2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7118 | 1 Dmxready | 1 Site Engine Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-3347 | 1 Myiosoft | 1 Easydynamicpages | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter. | |||||
| CVE-2007-6159 | 1 Tilde | 1 Tilde Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500. | |||||
| CVE-2008-5307 | 1 Pilot Group | 1 Pg Real Roommate Finder Solution | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0421 | 1 Joomla | 2 Com Eventing, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2008-6394 | 1 Cs-cart | 1 Cs-cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter. | |||||
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | |||||
| CVE-2008-2340 | 1 News Manager | 1 News Manager | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | |||||
| CVE-2008-2763 | 1 Xigla | 1 Absolute Live Support Xe | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2008-0616 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | |||||
| CVE-2009-1945 | 1 Tzo | 1 Webcal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | |||||
| CVE-2009-1500 | 1 Projectcms | 1 Projectcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter. | |||||
| CVE-2008-0832 | 2 Joomla, Mambo | 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. | |||||