Total
15513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | |||||
| CVE-2009-3252 | 1 Dave Robinson | 1 Rockbandcms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | |||||
| CVE-2008-4534 | 1 Ec-cube | 1 Ec-cube | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and Ver2 RC 2.3.0-rc1 and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6795 | 1 Niclor | 1 Vibro-school-cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote attackers to execute arbitrary SQL commands via the nID parameter. | |||||
| CVE-2009-0965 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php. | |||||
| CVE-2009-2017 | 1 Virtuenetz | 1 Virtue Book Store | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-6796 | 1 Preprojects | 1 Pre Real Estate Listings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field). | |||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2009-4569 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/. | |||||
| CVE-2007-5996 | 1 Softbizscripts | 1 Link Directory Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449. | |||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
| CVE-2008-2971 | 1 Cistyle | 1 Ciblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | |||||
| CVE-2008-5875 | 2 Joomla, Joomlahbs | 3 Joomla, Com Lowcosthotels, Hotel Booking Reservation System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | |||||
| CVE-2009-4414 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php. | |||||
| CVE-2008-5992 | 1 Jetik | 1 Jetik Emlak Sistem A | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 allow remote attackers to execute arbitrary SQL commands via the KayitNo parameter to (1) diger.php and (2) sayfalar.php. | |||||
| CVE-2006-5738 | 1 Punbb | 1 Punbb | 2025-04-09 | 2.1 LOW | 7.2 HIGH |
| Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4591 | 1 Secureideas | 1 Base | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6394 | 1 Cs-cart | 1 Cs-cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter. | |||||
| CVE-2008-2522 | 1 Haudenschilt | 1 Battlenet Clan Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showmember parameter in a members action. | |||||