Total
15431 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3327 | 1 Webilix | 1 Wx-guestbook | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the (1) QUERY parameter to search.php and (2) USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0543 | 1 Proftpd | 1 Proftpd | 2025-04-09 | 6.8 MEDIUM | N/A |
| ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres. | |||||
| CVE-2008-6349 | 1 Turnkeyforms | 1 Business Survey Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0603 | 3 Amazoop, Joomla, Mambo | 3 Awesom, Com Awesom, Com Awesom | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | |||||
| CVE-2008-4904 | 1 Typosphere | 1 Typo | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter. | |||||
| CVE-2007-6575 | 1 Brand039 | 1 Mmslamp | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action. | |||||
| CVE-2008-6678 | 1 Quickersite | 1 Quickersite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp. | |||||
| CVE-2008-2633 | 1 Joomla | 2 Com Joomradio, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. | |||||
| CVE-2007-1920 | 1 Smodbip | 1 Smodbip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php. | |||||
| CVE-2008-5223 | 1 Airvae | 1 Commerce | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2009-3052 | 2 Absoluteanime, Phpbb | 2 Prime Quick Style, Phpbb | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php. | |||||
| CVE-2008-7114 | 1 Ifusionservices | 1 Ifdate | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field. | |||||
| CVE-2008-4665 | 1 Datingpro | 1 Matchmaking | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php. | |||||
| CVE-2007-4719 | 1 212cafe | 1 212cafeboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2933 | 1 Piwigo | 1 Piwigo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Piwigo before 2.0.3 allows remote attackers to execute arbitrary SQL commands via the items_number parameter. | |||||
| CVE-2008-4378 | 1 Mr. Cgi Guy | 1 Hot Links Sql Php | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4966 | 1 Gforge | 1 Gforge | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter. | |||||
| CVE-2008-5637 | 1 Parsblogger | 1 Parsblogger | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | |||||
| CVE-2008-3238 | 1 Itechscripts | 1 Itechbids | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php. | |||||
| CVE-2008-0753 | 1 Vwar | 1 Virtual War | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter. | |||||