Total
15431 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5308 | 1 Php Homepage M | 1 Php Homepage M | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | |||||
| CVE-2008-6086 | 1 Camera Life | 1 Camera Life | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | |||||
| CVE-2007-6159 | 1 Tilde | 1 Tilde Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500. | |||||
| CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1039 | 1 Porar | 1 Webboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter. | |||||
| CVE-2008-0270 | 1 Taskfreak | 1 Taskfreak | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. | |||||
| CVE-2009-1814 | 1 Jevontech | 1 Phpenpals | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074. | |||||
| CVE-2009-0702 | 2 Joomla, Phoca | 2 Joomla, Com Phocadocumentation | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php. | |||||
| CVE-2008-3955 | 1 Masir Camp | 1 E-shop Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page. | |||||
| CVE-2008-2568 | 1 Joomla | 2 Com Simpleshop, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php. | |||||
| CVE-2008-0281 | 1 Id-commerce | 1 Id-commerce | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter. | |||||
| CVE-2008-5212 | 1 Aj Square | 1 Aj Auction | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2009-1848 | 2 Joomla, Joomlame | 2 Joomla, Com Agoragroup | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php. | |||||
| CVE-2008-4617 | 3 Joomla, Mambo-foundation, Pyxicom | 3 Joomla, Mambo, Actualite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5782 | 1 Zeeways | 1 Zeematri | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-6794 | 1 Sfs Ez Pub | 1 Fsf Ex Pub | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-6303 | 1 Toursmanager | 1 Tours Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter. | |||||
| CVE-2007-6345 | 1 Aurora | 1 Aurora Framework | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3713 | 1 Morcego | 1 Morcegocms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string. | |||||
| CVE-2008-4603 | 1 Igaming | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action. | |||||