Total
17809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3556 | 1 Haudenschilt | 1 Battlenet Clan Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522. | |||||
| CVE-2007-5978 | 1 Xoops | 1 Mylinks Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter. | |||||
| CVE-2008-2339 | 1 Turnkeywebtools | 1 Sunshop Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549. | |||||
| CVE-2007-4597 | 1 Turnkey Web Tools | 1 Sunshop Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549. | |||||
| CVE-2008-6146 | 1 Deluxebb | 1 Deluxebb | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989. | |||||
| CVE-2008-2995 | 1 Phpeasydata | 1 Phpeasydata | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php. | |||||
| CVE-2008-6458 | 2 Dieter Mayer, Typo3 | 2 Fe Address Edit, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | |||||
| CVE-2009-3419 | 1 Intesync | 1 Miniweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter. | |||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | |||||
| CVE-2008-0601 | 1 All Club Cms | 1 All Club Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-6526 | 1 Bosdev | 1 Bos Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2008-1838. | |||||
| CVE-2007-6727 | 1 Max Kervin | 1 Kervinet Forum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
| CVE-2008-4879 | 1 Maran | 1 Php Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in prod.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2008-4880. | |||||
| CVE-2009-3117 | 1 Snowhall | 1 Silurus System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-0538 | 1 Phpip | 1 Phpip Management | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | |||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6466 | 2 Akirapowered, E107 | 2 Image Gallery, E107 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image_gallery.php in the Akira Powered Image Gallery (image_gallery) plugin 0.9.6.2 for e107 allows remote attackers to execute arbitrary SQL commands via the image parameter in an image-detail action. | |||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | |||||