Total
15431 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2309 | 1 Codice-cms | 1 Codice Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter. | |||||
| CVE-2008-2029 | 1 Minibb | 1 Minibb | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php. | |||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2007-3063 | 1 Mealex | 1 My Databook | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter. | |||||
| CVE-2008-5191 | 1 Seportal | 1 Seportal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php. | |||||
| CVE-2008-2013 | 1 Pnflashgames | 1 Pnflashgames | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | |||||
| CVE-2008-4352 | 1 Phpsmartcom | 1 Phpsmartcom | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCom 0.2 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a viewprofile action to index.php. | |||||
| CVE-2007-5131 | 1 Interspire | 1 Activekb Nx | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected. | |||||
| CVE-2008-1869 | 1 Site Sift Media | 1 Site Sift Listings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific. | |||||
| CVE-2007-4892 | 1 Swsoft | 1 Plesk | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3. | |||||
| CVE-2008-3343 | 1 Myiosoft | 1 Easypublish | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action. | |||||
| CVE-2007-0520 | 1 Unique Ads | 1 Unique Ads | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter. | |||||
| CVE-2009-2427 | 1 Jobbr | 1 Jobbr | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter. | |||||
| CVE-2009-1024 | 1 Beerwin | 1 Phplinkadmin | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors. | |||||
| CVE-2008-5751 | 1 Alstrasoft | 1 Web Email Script Enterprise | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action. | |||||
| CVE-2008-4889 | 1 Dev\!l\'s | 1 Clanportal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action. | |||||
| CVE-2008-0453 | 1 Easysitenetwork | 1 Recipe Website Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | |||||
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2008-0842 | 1 Joomla | 1 Com Clasifier | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-0388 | 1 Wordpress | 1 Wp Forum | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI. | |||||