Total
17809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3313 | 1 Fmyclone | 1 Fmyclone | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php. | |||||
| CVE-2009-2113 | 1 Fretsweb Project | 1 Fretsweb | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php. | |||||
| CVE-2008-6627 | 1 Webbdomain | 1 Webshop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6028 | 1 University Of Queensland | 1 Fez | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action. | |||||
| CVE-2008-5287 | 1 Scripts4you | 1 Faq Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ Manager 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | |||||
| CVE-2008-2679 | 1 Realm Project | 1 Realm Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the kwrd parameter in a kwl action to the default URI. | |||||
| CVE-2008-3193 | 1 Sclek | 1 Jsite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI. | |||||
| CVE-2007-6014 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t_dedupe parameter. | |||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | |||||
| CVE-2008-6246 | 1 Scripts-for-sites | 1 Ez Webring | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2630 | 1 Joomla | 1 Com Jb2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php. | |||||
| CVE-2008-6867 | 1 Scripts For Sites | 1 Ez Career | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter. | |||||
| CVE-2008-6078 | 1 Limbo Cms | 2 Com Privmsg, Limbo Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php. | |||||
| CVE-2008-6338 | 2 Typo3, Weber-ebusiness | 2 Typo3, Wes Facilities | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6730 | 1 China-on-site | 1 Flexphplink | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | |||||
| CVE-2008-4348 | 1 Outshine | 1 Phportfolio | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0911 | 1 Iscripts | 1 Multicart | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter. | |||||
| CVE-2008-5785 | 1 V3chat | 1 V3 Chat Profiles Dating Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | |||||