Total
17829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6349 | 1 Turnkeyforms | 1 Business Survey Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4658 | 1 Typo3 | 2 Jobcontrol, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6648 | 1 Ktools | 1 Photostore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647. | |||||
| CVE-2009-2400 | 2 Fijiwebdesign, Joomla | 2 Com Php, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2007-2113 | 1 Oracle | 1 Database Server | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Upgrade/Downgrade component (DBMS_UPGRADE_INTERNAL) for Oracle Database 10.1.0.5 allows remote authenticated users to execute arbitrary SQL commands via unknown vectors, aka DB07. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB07 is actually for multiple issues. | |||||
| CVE-2008-4157 | 1 Vastal | 1 Phpvid | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | |||||
| CVE-2008-2532 | 1 Aj Square | 1 Aj Hyip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4625 | 2 Shiftthis, Wordpress | 2 Shifthis Newsletter, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683. | |||||
| CVE-2007-5122 | 1 Softbizscripts | 1 Classifieds Plus Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in store_info.php in SoftBiz Classifieds PLUS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-1816 | 1 Mygamescript | 1 My Game Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1847 | 1 Coronamatrix | 1 Phpaddressbook | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | |||||
| CVE-2007-5643 | 1 Lussumo | 1 Vanilla | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php. | |||||
| CVE-2009-0403 | 1 Chipmunk Scripts | 1 Chipmunk Blogger | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-6213 | 1 Harlandscripts | 1 Pro Traffic One | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the trg parameter. | |||||
| CVE-2008-4464 | 1 Vastal I-tech | 1 Mag Zone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2007-4892 | 1 Swsoft | 1 Plesk | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3. | |||||
| CVE-2008-3861 | 1 Phpmyrealty | 1 Phpmyrealty | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | |||||
| CVE-2008-4460 | 1 Vastal I-tech | 1 Mmorpg Zone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter. | |||||
| CVE-2008-7116 | 1 Webidsupport | 1 Webid | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | |||||