Total
17827 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | |||||
| CVE-2008-1315 | 1 Php-nuke | 1 Zclassifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php. | |||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | |||||
| CVE-2009-2023 | 1 Shop-script | 1 Shop-script | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the current_currency parameter. | |||||
| CVE-2008-0469 | 1 Tiger Php News System | 1 Tiger Php News System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action. | |||||
| CVE-2008-6319 | 1 Cfmsource | 1 Cf Calendar | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | |||||
| CVE-2007-6518 | 1 Woltlab | 1 Burning Board Lite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters. | |||||
| CVE-2008-3713 | 1 Phpbasket | 1 Phpbasket | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter. | |||||
| CVE-2008-3506 | 1 Polypager | 1 Polypager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||
| CVE-2008-2753 | 1 Paridel | 1 Pooya Site Builder | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) xslIdn parameter to (a) utils/getXsl.aspx, and the (2) part parameter to (b) getXml.aspx and (c) getXls.aspx in utils/. | |||||
| CVE-2008-2554 | 1 Bp Blog | 1 Bp Blog | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp. | |||||
| CVE-2008-3497 | 1 Myphp Cms | 1 Myphp Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2007-6169 | 1 Gouae | 1 Dwd Realty | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2130 | 1 Igaming | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1094 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. | |||||
| CVE-2008-6182 | 1 Joomla | 2 Ignitegallery, Joomla\! | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php. | |||||
| CVE-2007-4456 | 2 Mambo, Parkview Consultants | 2 Mambo, Simplefaq | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo. | |||||
| CVE-2008-3774 | 1 Simasy | 1 Simasy Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1990 | 1 Acidcat | 1 Acidcat Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp. | |||||