Total
17849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5168 | 1 Easysitenetwork | 1 Tips Complete Website | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter. | |||||
| CVE-2008-6165 | 1 Easy-script | 1 Cspartner | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters. | |||||
| CVE-2008-6652 | 1 Insanevisions | 1 Onecms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter. | |||||
| CVE-2008-6625 | 1 Webbdomain | 1 Polls | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6462 | 2 Kurt Gusbeth, Typo3 | 2 Myquizpoll, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-1077 | 1 Mamboportal.com | 1 Simpleboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action. | |||||
| CVE-2008-2197 | 1 Miniweb2 | 1 Blog Writer | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php. | |||||
| CVE-2008-4371 | 1 Availscript | 1 Availscript Article Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter. | |||||
| CVE-2007-6125 | 1 Softbiz | 1 Freelancers Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | |||||
| CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | |||||
| CVE-2008-6365 | 1 Adserversolutions | 1 Ad Management Software | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6299 | 1 Drupal | 1 Drupal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules. | |||||
| CVE-2008-6990 | 1 Ezphotogallery | 1 Ezphotogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2008-7153 | 1 Docebo | 1 Docebo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. | |||||
| CVE-2009-3502 | 1 Bpowerhouse | 1 Bpmusic | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. | |||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | |||||
| CVE-2008-5820 | 1 Edreamers | 1 Ednews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||
| CVE-2008-3044 | 1 Typo3 | 1 News Calendar Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-3933 | 1 Quickestore | 1 Quickestore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. | |||||