Total
17830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3083 | 2 Brightcode, Joomla | 2 Brightcode Weblinks Module, Com Brightweblinks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-2791 | 1 Kalptaru Infotech | 1 Comparison Engine Power Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-6048 | 1 Etomite | 1 Etomite | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3494 | 1 Todor Lazarov | 1 T-htb Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name parameter in an update_category action, and other vectors. | |||||
| CVE-2008-6642 | 1 Dotcontent | 1 Fluentcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2790 | 1 Softbiz | 1 Dating Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4. | |||||
| CVE-2008-3487 | 1 Phpauctions | 1 Phpauction Gpl Enhanced | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-2000 | 1 Raphael Limbach | 1 Crea-book | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter. | |||||
| CVE-2008-2819 | 1 Blognplus | 1 Blognplus | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2599 | 1 Radscripts | 1 Radclassifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action. | |||||
| CVE-2006-5738 | 1 Punbb | 1 Punbb | 2025-04-09 | 2.1 LOW | 7.2 HIGH |
| Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2781 | 1 Arabportal | 1 Arab Portal | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in forum.php in Arab Portal 2.x, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action, a different vector than CVE-2006-1666. | |||||
| CVE-2008-6258 | 1 Quadcomm | 1 Q-shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | |||||
| CVE-2008-2460 | 1 Vbulletin | 1 Vbulletin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action. | |||||
| CVE-2008-4703 | 1 Bosdev | 1 Bosnews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter. | |||||
| CVE-2008-3151 | 2 Phpnuke, Warpspeed | 2 4ndvddb, 4ndvddb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action. | |||||
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6301 | 2 Phpbb, Prezmo | 2 Phpbb, Small Shoutbox | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | |||||
| CVE-2009-3972 | 2 Joomla, Qproje | 2 Joomla\!, Com Siirler | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | |||||