Total
15533 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2895 | 1 Phpsugar | 1 Ultimate Regnow Affiliate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-5132 | 1 Memht | 1 Memht Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | |||||
| CVE-2008-2096 | 1 Backlinkspider | 1 Backlink Spider | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php. | |||||
| CVE-2009-1853 | 1 Kenseiboard | 1 Kensei Board | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA (aka 2.0.0b) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) f and (2) t parameters in a showforum action. | |||||
| CVE-2008-3153 | 1 Tritoncms | 1 Triton Cms Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | |||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | |||||
| CVE-2008-2454 | 1 Joomla | 1 Com Xsstream-dm | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. | |||||
| CVE-2008-5648 | 1 Deltascripts | 1 Php Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2008-2411 | 1 Sazcart | 1 Sazcart | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action. | |||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0403 | 1 Chipmunk Scripts | 1 Chipmunk Blogger | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-2628 | 2 Joomla, Ron Liskey | 2 Joomla, Com Equotes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | |||||
| CVE-2008-3083 | 2 Brightcode, Joomla | 2 Brightcode Weblinks Module, Com Brightweblinks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-3352 | 1 Nersoft | 1 Live Music Plus | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action. | |||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3123 | 1 Mole Group | 1 Real Estate Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | |||||
| CVE-2009-1799 | 1 Sebastian-thiele | 1 St-gallery | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php. | |||||
| CVE-2008-4766 | 1 O2php | 1 Oxygen Bulletin Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||