Total
17829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4906 | 2 E107, W1n78 | 2 E107, Lyrics | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lyrics_song.php in the Lyrics (lyrics_menu) plugin 0.42 for e107 allows remote attackers to execute arbitrary SQL commands via the l_id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | |||||
| CVE-2009-3343 | 1 Hotwebscripts | 1 Hotweb Rentals | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.asp in HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropId parameter. | |||||
| CVE-2008-2537 | 1 Hispah | 1 Model Search | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-6245 | 1 Scripts-for-sites | 1 Ez Biz Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6318 | 1 Wordpress | 1 Wordpress | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character. | |||||
| CVE-2008-2627 | 1 Joomla | 1 Com Idoblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | |||||
| CVE-2008-6227 | 1 Preproject | 1 Pre Multi-vendor Shopping Malls | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters. | |||||
| CVE-2009-2423 | 1 Ebayclonescript | 1 Ebay Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action. | |||||
| CVE-2009-0528 | 1 Rhadrix | 1 If-cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5321 | 2 Xoops, Xoops Hocasi | 2 Xoops, Gesgaleri | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter. | |||||
| CVE-2008-5588 | 1 Katywhitton | 1 Rankem | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. | |||||
| CVE-2008-5365 | 1 Activewebsoftwares | 1 Activevotes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | |||||
| CVE-2008-3152 | 1 Orbitscripts | 2 Smartppc, Smartppc Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. | |||||
| CVE-2008-3750 | 1 Yourfreeworld | 1 Url Rotator Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1554 | 1 Topper | 1 Toppermod | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism. | |||||
| CVE-2007-4956 | 1 Kwsphp | 1 Kwsphp | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module. | |||||
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0741 | 1 Craftsilicon | 1 Banking\@home | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter. | |||||
| CVE-2009-3974 | 1 Invisioncommunity | 1 Invision Power Board | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number. | |||||