Total
15514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1726 | 1 Myknowledgequest | 1 Knowledgequest | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php. | |||||
| CVE-2008-2793 | 1 Clip-share | 1 Clipshare | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2007-6671 | 1 Instantsoftwares | 1 Dating Site | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | |||||
| CVE-2009-2102 | 2 Com Jumi, Joomla | 2 Com Jumi, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php. | |||||
| CVE-2009-0407 | 1 Humayun Shabbir | 1 Php-cms Project | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2007-5719 | 1 Minibb | 1 Minibb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php. | |||||
| CVE-2008-5582 | 1 Nukedit | 1 Nukedit | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2008-6488 | 1 Softcomplex | 1 Php Image Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action. | |||||
| CVE-2008-4376 | 1 Livetvscript | 1 Live Tv Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-6853 | 1 Netcat | 1 Netcat | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter. | |||||
| CVE-2006-5957 | 1 Infinicart | 1 Infinicart | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in INFINICART allow remote attackers to execute arbitrary SQL commands via the (1) groupid parameter in (a) browse_group.asp, (2) productid parameter in (b) added_to_cart.asp, and (3) catid and (4) subid parameter in (c) browsesubcat.asp. NOTE: the vendor has disputed this report, saying "The vulnerabilities mentioned were never present in our official released products but only in the unofficial demo version. However we do appreciate the information. We have update our demo version and made sure all those vulnerabilities are fixed. | |||||
| CVE-2008-1460 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Com Joovideo, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-3498 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0709 | 1 Vlad Alexa Mancini | 1 Phpfootball | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2735 | 1 Sun-jester | 1 Opennews | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-2532 | 1 Aj Square | 1 Aj Hyip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2341 | 1 Shalwan | 1 Opial | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albumdetail.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2008-5165 | 1 Eticket | 1 Eticket | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php. | |||||
| CVE-2008-4604 | 1 Cafeengine | 1 Easycafeengine | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. | |||||