Total
17809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3175 | 1 Boldfx | 1 Model Agency Manager Pro | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allow remote attackers to execute arbitrary SQL commands via the user_id parameter to (1) view.php, (2) photos.php, and (3) motm.php; and the (4) id parameter to forum_message.php. | |||||
| CVE-2008-2643 | 1 Joomla | 1 Com Biblestudy | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | |||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-6883 | 2 Joomla, Joompolitan | 2 Joomla, Com Livechat | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2006-5840 | 1 Abarcar | 1 Abarcar Realty Portal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Abarcar Realty Portal allow remote attackers to execute arbitrary SQL commands via the (1) neid parameter to newsdetails.php, or the (2) slid parameter to slistl.php. NOTE: the cat vector is already covered by CVE-2006-2853. NOTE: the vendor has notified CVE that the current version only creates static pages, and that slistl.php/slid never existed in any version | |||||
| CVE-2009-4046 | 1 Frontaccounting | 1 Frontaccounting | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) bank_accounts.php, (2) currencies.php, (3) exchange_rates.php, (4) gl_account_types.php, and (5) gl_accounts.php in gl/manage/; and (6) audit_trail_db.inc, (7) comments_db.inc, (8) inventory_db.inc, (9) manufacturing_db.inc, and (10) references_db.inc in includes/db/. | |||||
| CVE-2008-4623 | 2 Joomla, Martin Diphoorn | 2 Joomla, Com Ds-syndicate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php. | |||||
| CVE-2008-4173 | 1 Proarcadescript | 1 Proarcadescript | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI. | |||||
| CVE-2009-0428 | 1 Dmxready | 1 Secure Document Library | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0479 | 1 Onlinegrades | 1 Online Grades | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1870 | 1 Geek247 | 1 Pigmy-sql | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1427 | 2 Joobi, Joomla | 2 Acajoom, Com Acajoom | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php. | |||||
| CVE-2009-1347 | 1 Chcounter | 1 Chcounter | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field). | |||||
| CVE-2008-0325 | 1 Fascript | 1 Fapersian Petition | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4171 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-4355 | 1 Powie | 1 Pforum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7170 | 1 Koan Software | 1 Mega Mall | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php. | |||||
| CVE-2007-4881 | 1 Psi-labs | 1 Social Networking Script Psisns | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
| CVE-2008-6626 | 1 Webbdomain | 1 Quiz | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||