Total
17849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5637 | 1 Parsblogger | 1 Parsblogger | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | |||||
| CVE-2009-1023 | 1 Phpcomasy | 1 Phpcomasy | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | |||||
| CVE-2008-4516 | 1 Galerie | 1 Galerie | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter. | |||||
| CVE-2009-0452 | 1 Onlinegrades | 1 Online Grades | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameter. | |||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2009-3209 | 1 Raizlabs | 1 Php Email Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-3406 | 1 Phplinkat | 1 Phplinkat | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-4657 | 1 Typo3 | 2 Econda Plugin, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-6032 | 1 Aleris | 1 Web Publishing Server | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter. | |||||
| CVE-2009-2402 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355. | |||||
| CVE-2008-2774 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the category_id parameter, a different vector than CVE-2007-4736. | |||||
| CVE-2007-5371 | 1 Modxcms | 1 Modxcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter. | |||||
| CVE-2008-5811 | 1 Joomla | 2 Com Paxgallery, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php. | |||||
| CVE-2008-5494 | 2 Digitalgreys, Joomla | 2 Com Contactinfo, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2009-3968 | 1 Itechscripts | 1 Itechbids | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238. | |||||
| CVE-2008-3374 | 1 Gregarius | 1 Gregarius | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action. | |||||
| CVE-2009-3582 | 1 Sql-ledger | 1 Sql-ledger | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation. | |||||
| CVE-2008-3880 | 1 Zoneminder | 1 Zoneminder | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter. | |||||
| CVE-2007-5181 | 1 Netkamp | 1 Netkamp Emlak Scripti | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote attackers to execute arbitrary SQL commands via the ilan_id parameter. | |||||
| CVE-2008-1863 | 1 Prozilla | 1 Cheats | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||