Total
15535 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1799 | 1 Sebastian-thiele | 1 St-gallery | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php. | |||||
| CVE-2008-4766 | 1 O2php | 1 Oxygen Bulletin Board | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0686 | 2 Joomla, Mambo | 2 Com Neoreferences, Com Neoreferences | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-6623 | 1 Webbdomain | 1 Post Card | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-4518 | 1 Fastpublish | 1 Fastpublish Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php. | |||||
| CVE-2008-2847 | 1 Softdivision | 1 Maxtrade Aoi | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php. | |||||
| CVE-2008-0130 | 1 Instantsoftwares | 1 Dating Site | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2869 | 1 E-topbiz | 1 Link Ads 1 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-3154 | 1 Webblizzard | 1 Content Management System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-4760 | 1 Graphiks | 1 Myforum | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-5187 | 1 Php-fusion | 1 Expanded Calendar Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | |||||
| CVE-2009-0337 | 1 Katywhitton | 1 Blogit\! | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6642 | 1 Dotcontent | 1 Fluentcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | |||||
| CVE-2008-4148 | 1 Drupal | 1 Mailhandler | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API. | |||||
| CVE-2007-5141 | 1 Sitex | 1 Sitex Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2009-4263 | 1 Ptcpay | 1 Gen3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-0677 | 1 A-blog | 1 A-blog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action. | |||||
| CVE-2008-6163 | 1 Openx | 1 Openx | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | |||||
| CVE-2009-1508 | 1 Keir Davis | 1 X-forum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php. | |||||