Total
17828 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1842 | 1 Phpnuke | 1 Php-nuke | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | |||||
| CVE-2008-2781 | 1 Dzoic | 1 Handshakes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute arbitrary SQL commands via the fname parameter in a members search action. | |||||
| CVE-2008-5739 | 1 Pligg | 1 Pligg Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||
| CVE-2007-5104 | 1 Bcoos | 1 Bcoos | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6322 | 1 Cfmsource | 1 Cfmblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | |||||
| CVE-2009-3806 | 1 Dedecms | 1 Dedecms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter. | |||||
| CVE-2008-5054 | 1 Develop It Easy | 1 Membership System | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||||
| CVE-2009-2774 | 1 Php-paid4mail | 1 Php-paid4mail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-5131 | 1 Develop It Easy | 1 News And Article System | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php). | |||||
| CVE-2008-3669 | 1 Zeescripts | 1 Zeereviews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2008-4736 | 1 Aves | 1 Rpg Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter. | |||||
| CVE-2008-4617 | 3 Joomla, Mambo-foundation, Pyxicom | 3 Joomla, Mambo, Actualite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6671 | 1 Instantsoftwares | 1 Dating Site | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3315 | 1 Nelogic | 1 Nephp Publisher | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field. | |||||
| CVE-2008-4328 | 1 Easyrealtorpro | 1 Easyrealtorpro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters. | |||||
| CVE-2008-6457 | 2 Typo3, Walnutstreet | 2 Typo3, Cgswigmore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2439 | 1 Web Development House | 1 Alibaba Clone | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group. | |||||
| CVE-2009-2339 | 1 Rentventory | 1 Rentventory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter. | |||||
| CVE-2009-3712 | 1 Ebayclonescript | 1 Ebay Clone | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php. | |||||