Total
17819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2590 | 1 Resalecode | 1 Hutscripts Php Website Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-2888 | 1 Phpscriptsnow | 1 Hangman | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter. | |||||
| CVE-2009-3436 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID or (2) CAT_ID parameter. NOTE: this might overlap CVE-2005-1417. | |||||
| CVE-2008-6692 | 2 Fr.simon Rundell, Typo3 | 2 Pd Trainingcourses, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2008-3419 | 1 Greatclone | 1 Youtuber Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0429 | 1 Activewebsoftwares | 1 Active Bids | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php. | |||||
| CVE-2008-0451 | 1 Pacercms | 1 Pacercms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | |||||
| CVE-2008-2792 | 1 Erocms | 1 Erocms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eroCMS 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the site parameter. | |||||
| CVE-2009-2366 | 1 Datachecknh | 2 Forumpal, Forumpal Fe | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2691 | 1 Jiro | 1 Faq Manager Experience | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter. | |||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | |||||
| CVE-2008-0562 | 1 Mamboserver | 2 Joomla, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-4674 | 1 Conkurent | 1 Real Estate | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode. | |||||
| CVE-2008-6390 | 1 Ocean12tech | 1 Membership Manager Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2978 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4462 | 1 Vastal I-tech | 1 Visa Zone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2006-7231 | 1 Civica Software | 1 Civica | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in display.asp in Civica Software Civica allows remote attackers to execute arbitrary SQL commands via the Entry parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||