Total
15514 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2903 | 1 Awbs | 1 Advanced Webhost Billing System | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter. | |||||
CVE-2008-7120 | 1 Mrcgiguy | 1 Hot Links Sql-php | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter. | |||||
CVE-2008-0279 | 1 Xforum | 1 Xforum | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | |||||
CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | |||||
CVE-2008-5805 | 1 Deltascripts | 1 Php Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828. | |||||
CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-6332 | 1 Simplecustomer | 1 Simple Customer | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
CVE-2008-1077 | 1 Mamboportal.com | 1 Simpleboard | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action. | |||||
CVE-2008-1551 | 1 Runcms | 2 Photo Module, Runcms | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
CVE-2009-2093 | 1 Ibm | 1 Websphere Partner Gateway | 2025-04-09 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-2130 | 1 Igaming | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-5268 | 1 Aspportal | 1 Aspportal | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter. | |||||
CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
CVE-2007-5511 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. | |||||
CVE-2008-1935 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | |||||
CVE-2009-0458 | 1 Wholehogsoftware | 1 Ware Support | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-3661 | 2 Blueconstantmedia, Joomla | 2 Com Djcatalog, Joomla | 2025-04-09 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | |||||
CVE-2008-6634 | 1 Beaussier | 1 Roomphplanning | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | |||||
CVE-2009-0705 | 1 Powerscripts | 1 Powernews | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||
CVE-2008-2823 | 1 Phpeasynews | 1 Phpeasyblog | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. |