Total
17849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0829 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Jooget, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | |||||
| CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3434 | 3 Joomla, Mambo, Onestopjoomla | 3 Joomla, Mambo, Com Tupinambis | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php. | |||||
| CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-0173 | 1 Gforge | 1 Gforge | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports. | |||||
| CVE-2006-6157 | 1 Michaelis Freunde | 1 Contentnow | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter. | |||||
| CVE-2008-2925 | 1 Valarsoft | 1 Webmatic | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6100 | 1 Berlios | 1 Discussion Forum 2k | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1.php and (b) RSS2.php in misc/; and the (2) SubID parameter to (c) misc/RSS5.php. | |||||
| CVE-2009-2383 | 2 Blogtrafficexchange, Wordpress | 2 Related-sites, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter. | |||||
| CVE-2008-2384 | 2 Apache, Joey Schulze | 2 Http Server, Mod Auth Mysql | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. | |||||
| CVE-2009-2276 | 2 Biglle, Punbb | 2 Vote For Us Extension, Punbb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter. | |||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0739 | 1 Shoppingtree | 1 Candypress Store | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter. | |||||
| CVE-2008-4344 | 1 6rbscript | 1 6rbscript | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | |||||
| CVE-2008-3241 | 1 Ultrastats | 1 Ultrastats | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3835 | 2 Joomla, Whorl Ltd | 2 Joomla, Jshop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JShop (com_jshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php. | |||||
| CVE-2009-3217 | 1 Wiccle | 1 Iwiccle | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | |||||
| CVE-2009-0516 | 1 Businessspace | 1 Businessspace | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the classified page (classified.php) in BusinessSpace 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2007-4835 | 1 Phpmyquote | 1 Phpmyquote | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2008-2890 | 1 Offl | 1 Online Fantasy Football League | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php. | |||||