Total
15493 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3301 | 1 Fusetalk | 1 Fusetalk | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273. | |||||
| CVE-2008-6322 | 1 Cfmsource | 1 Cfmblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | |||||
| CVE-2008-2447 | 1 Mytipper | 1 Zogo Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2569 | 1 Joomla | 1 Easybook Component | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | |||||
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | |||||
| CVE-2008-4753 | 1 Aj Square Inc | 1 Rss Reader | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||
| CVE-2008-3307 | 1 Youtube Blog | 1 Youtube Blog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. | |||||
| CVE-2007-1166 | 1 Nabocorp | 1 Nabopoll | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter. | |||||
| CVE-2008-4706 | 1 Vbulletin | 1 Vbgooglemap | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a vBulletin module, allows remote attackers to execute arbitrary SQL commands via the mapid parameter in a showdetails action to (1) vbgooglemaphse.php and (2) mapa.php. | |||||
| CVE-2007-4552 | 1 Agares Media | 1 Arcadem | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not. | |||||
| CVE-2008-6509 | 1 Igniterealtime | 1 Openfire | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. | |||||
| CVE-2008-2208 | 1 Maianscriptworld | 1 Maian Greeting | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Maian Greeting 2.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action. | |||||
| CVE-2009-4163 | 2 Tw Productfinder, Typo3 | 2 Tw Productfinder, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TW Productfinder (tw_productfinder) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2790 | 1 Softbiz | 1 Dating Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4. | |||||
| CVE-2008-2746 | 1 Gryphon | 1 Gllcts2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter. | |||||
| CVE-2008-1295 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter. | |||||
| CVE-2008-4611 | 1 Php Arsivimiz | 1 Php Ziyaretci Defteri | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | |||||
| CVE-2008-3372 | 1 Greatclone | 1 Getacoder Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search_form.php in Getacoder Clone allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | |||||
| CVE-2008-1308 | 2 Phpnuke, Sudirman Angriawan | 2 Php-nuke, Nukec30 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action to modules.php. | |||||
| CVE-2009-0808 | 1 Simple Cmms | 1 Simplecmms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||