Total
17822 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0429 | 1 Alstrasoft | 1 Forum Pay Per Post Exchange | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action. | |||||
| CVE-2008-3039 | 1 Typo3 | 1 Dam Frontend Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6214 | 1 Harlandscripts | 1 Pro Traffic One | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-5609 | 1 Typo3 | 2 Commerce Extension, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-1750 | 1 Livecart | 1 Livecart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI. | |||||
| CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | |||||
| CVE-2009-3758 | 1 Citrix | 1 Xencenterweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-09 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2008-0685 | 1 Itechscripts | 1 Itechclassifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | |||||
| CVE-2008-3586 | 1 Joomla | 1 Com Ezstore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2009-1548 | 1 Qsix | 1 Blusky Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a read action. | |||||
| CVE-2008-0487 | 1 The Net Guys | 1 Aspired2protect | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4517 | 1 Geccbblite | 1 Geccbblite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6667 | 1 Myphp | 1 Myphp Forum | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413. | |||||
| CVE-2009-2147 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6409 | 1 Brian Wilson | 1 Ol\'bookmarks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action. | |||||
| CVE-2008-6794 | 1 Sfs Ez Pub | 1 Fsf Ex Pub | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-4569 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/. | |||||
| CVE-2008-2510 | 1 Wordpress | 1 Upload File Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter. | |||||