Total
15454 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0754 | 1 Joomla | 1 Com Rapidrecipe | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action. | |||||
| CVE-2008-2815 | 1 Mymarket | 1 Mymarket | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5335 | 1 Php-fusion | 1 Php-fusion | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, CVE-2005-3158, CVE-2005-3159, CVE-2005-4005, and CVE-2006-2459. | |||||
| CVE-2008-0515 | 2 Joomla, Mambo | 2 Musepoes Component, Musepoes Component | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | |||||
| CVE-2007-1469 | 1 Xigla | 1 Absolute Image Gallery Xe | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | |||||
| CVE-2009-1747 | 1 26thavenue | 1 Bspeak | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action. | |||||
| CVE-2008-7169 | 2 Jabode, Joomla | 2 Com Jabode, Joomla\! | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php. | |||||
| CVE-2008-6007 | 1 Quidascript | 1 Bookmarks Favourites Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-2898 | 1 2z Project | 1 2z Project | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php. | |||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | |||||
| CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | |||||
| CVE-2008-3603 | 1 Vacation Rentals | 1 Vacation Rental Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sections action. | |||||
| CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | |||||
| CVE-2008-6986 | 1 Zen-cart | 1 Zen Cart | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985. | |||||
| CVE-2008-1053 | 1 Phpnuke | 1 Kose Yazilari Module | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php. | |||||
| CVE-2008-5988 | 1 Jadu | 1 Jadu Cms For Government | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1715 | 1 Auracms | 1 Auracms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. | |||||
| CVE-2008-1177 | 1 Affiliate Market | 1 Affiliate Market | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-1154 | 1 Webspell | 1 Webspell | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782. | |||||
| CVE-2009-1245 | 1 Cccp-common-clan-portal-pasterbin | 1 Cccp Pastebin | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information. | |||||