Total
15519 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2034 | 1 Wordpress | 1 Download Monitor Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1496 | 1 Peel | 1 Peel | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php. | |||||
| CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2007-1548 | 1 Webwizguide | 1 Web Wiz Forums | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp. | |||||
| CVE-2008-5333 | 1 Nitrotech | 1 Nitrotech | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0451 | 1 Skalinks | 1 Skalinks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL commands via the Admin name field to the default URI under admin/. | |||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | |||||
| CVE-2008-6116 | 2 Extrosoft, Joomla | 2 Com Thyme, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. | |||||
| CVE-2008-3751 | 1 Yourfreeworld | 1 Short Url And Url Tracker Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2019 | 1 Virtuenetz | 1 Virtue News Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter. | |||||
| CVE-2007-6137 | 1 P3mbo | 1 Content Injector | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2886 | 1 Phpscriptsnow | 1 President Bios | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter. | |||||
| CVE-2008-6366 | 1 Adserversolutions | 1 Affiliate Software Java | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-4882 | 1 Yourfreeworld | 1 Autoresponder Hosting Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2147 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5166 | 1 Easysitenetwork | 1 Riddles Website | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter. | |||||
| CVE-2008-0815 | 2 Egitimhost, Joomla | 2 Com Mezun, Com Mezun | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task. | |||||
| CVE-2009-4165 | 2 Simple Glossar, Typo3 | 2 Simple Glossar, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||