Total
17819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2084 | 2 Myarticles, Runcms | 2 Myarticles, Myarticles Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action. | |||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-2767 | 1 Xigla | 1 Absolute Poll Manager Xe | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2010-0322 | 2 Matthias Karr, Typo3 | 2 Mk Anydropdownmenu, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2038 | 1 Turnkey Solutions | 1 Sunshop Shopping Cart | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3948 | 1 Xrms | 1 Xrms Crm | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arbitrary SQL commands and modify name and email fields via unspecified vectors. | |||||
| CVE-2008-5733 | 1 Php-fusion | 2 Php-fusion, Team Impact Ti Blog System Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5930 | 1 The Net Guys | 1 Aspired2blog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. | |||||
| CVE-2008-6802 | 1 Phpexplorer | 1 Phphotogallery | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0811 | 1 Auracms | 1 Auracms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php. | |||||
| CVE-2007-6288 | 1 Tecnick.com | 1 Tcexam | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-0446 | 1 Julian Pawlowski | 1 Lulieblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-5016 | 1 Insane Visions | 1 Onecms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows remote attackers to execute arbitrary SQL commands via the abc parameter. | |||||
| CVE-2008-4901 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2007-5150 | 1 Nukescripts | 1 Nukesentinel | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. | |||||
| CVE-2008-6422 | 1 Psychostats | 1 Psychostats | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php. | |||||
| CVE-2009-2895 | 1 Phpsugar | 1 Ultimate Regnow Affiliate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2007-4719 | 1 212cafe | 1 212cafeboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-3119 | 1 Kartli Alisveris Sistemi | 1 Kartli Alisveris Sistemi | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2009-4424 | 2 Imotta, Wordpress | 2 Pyrmont Plugin, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||