Total
17829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1626 | 1 Will Kraft | 1 Ez-blog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2009-2927 | 1 Digitalspinners | 1 Ds Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the nFileId parameter. | |||||
| CVE-2007-6140 | 1 Dora Emlak | 1 Dora Emlak | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) emlak_detay.asp and (b) haber_detay.asp, the (2) kategori parameter to (c) kategorisirala.asp, and the (3) tip parameter to (d) tipsirala.asp. | |||||
| CVE-2008-4347 | 1 Powie | 1 Pnews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||
| CVE-2008-0137 | 1 Snetworks | 1 Php Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | |||||
| CVE-2008-5988 | 1 Jadu | 1 Jadu Cms For Government | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0301 | 1 Mapbender | 1 Mapbender | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors. | |||||
| CVE-2008-4345 | 1 Webportal | 1 Webportal Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter. | |||||
| CVE-2008-6254 | 1 Jadu | 1 Jadu Galaxies | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter. | |||||
| CVE-2009-0299 | 1 Groonesworld | 1 Glinks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-1650 | 1 Tenfourzero | 1 Shutter | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html. | |||||
| CVE-2007-5688 | 3 Invision Power Services, Phpbb, Sebflipper | 3 Invision Power Board, Phpbb, Multi-forums Module | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters. | |||||
| CVE-2008-5496 | 1 Pozscripts | 1 Business Directory Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0851 | 1 Stewart Howe | 1 Celerbb | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php. | |||||
| CVE-2008-2835 | 1 Igsuite | 1 Igsuite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. | |||||
| CVE-2007-6538 | 2 Moodle, Mrbs | 2 Moodle, Mrbs | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6375 | 1 Bitweaver | 1 Bitweaver | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sort_mode parameter to wiki/list_pages.php and the (2) highlight parameter to search/index.php. NOTE: the researcher also reported injection via JavaScript code in the Search box, but this is probably a forced SQL error or other separate primary issue. | |||||
| CVE-2009-0829 | 1 Andrew Freed | 1 Quotebook | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3682 | 1 Ypninc | 1 Php Realty | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter. | |||||
| CVE-2007-1573 | 1 Jelsoft | 1 Vbulletin | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field. | |||||