Total
17849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4143 | 1 Razorecommerce | 1 Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category_search.php in RazorCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4492 | 1 Yourownbux | 1 Yourownbux | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie. | |||||
| CVE-2009-3510 | 1 Dataspheric | 1 Linkspheric | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter. | |||||
| CVE-2008-1646 | 2 Arnos Toolbox, Wordpress | 2 Wp-download, Wp Download | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. | |||||
| CVE-2007-5887 | 1 Infuseum | 1 Asp Message Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5803 | 1 E-topbiz | 1 Online Store | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2063 | 1 Joovili | 1 Joovili | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2007-3937 | 1 A-shop | 1 A-shop | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3133 | 1 Barenuked | 1 Barenuked Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-4897 | 1 Logz | 1 Logz | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in fichiers/add_url.php in Logz podcast CMS 1.3.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the art parameter. | |||||
| CVE-2008-4527 | 1 Php-fusion | 1 Recepies Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4611 | 1 Php Arsivimiz | 1 Php Ziyaretci Defteri | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | |||||
| CVE-2009-3418 | 1 Plume-cms | 1 Plume Cms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit_link action to manager/tools.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0224 | 1 Runcms | 1 Runcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. | |||||
| CVE-2008-4881 | 1 Yourfreeworld | 1 Reminder Service Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6104 | 1 A4desk | 1 A4desk Flash Event Calendar | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php. | |||||
| CVE-2008-4055 | 1 Texmedia | 1 Million Pixel Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. | |||||
| CVE-2009-2735 | 1 Sun-jester | 1 Opennews | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-4263 | 1 Ptcpay | 1 Gen3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-2096 | 1 David Degner | 1 Phpcollegeexchange | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote attackers to execute arbitrary SQL commands via the itemnr parameter. | |||||