Total
15549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5803 | 1 E-topbiz | 1 Online Store | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1282 | 1 Glfusion | 1 Glfusion | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | |||||
| CVE-2008-0810 | 2 Joomla, Mambo | 2 Com Scheduling Component, Com Scheduling Component | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2573 | 1 Bioscripts | 1 Minitwitter | 2025-04-09 | 6.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php. | |||||
| CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-2239 | 1 Joomla | 4 Com Casiino Blackjack, Com Casino Videopoker, Com Casinobase and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2008-0733 | 1 Cs Team | 1 Counter Strike Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page. | |||||
| CVE-2009-2593 | 1 Censura | 1 Censura | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action. | |||||
| CVE-2009-4595 | 1 Phpwares | 1 Php Inventory | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4256 | 1 Truesolution | 1 Alefmentor | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) cont_id and (2) courc_id parameters in a pregled action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0562 | 1 Mamboserver | 2 Joomla, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2007-3677 | 1 Maxsi | 1 Evisit Analyst | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages. | |||||
| CVE-2008-5561 | 1 Netref | 1 Netref | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. | |||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | |||||
| CVE-2009-2891 | 1 Phpscriptsnow | 1 Riddles | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-6037 | 1 Availscript | 1 Availscript Article Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. | |||||
| CVE-2008-4436 | 1 Bblog | 1 Wbblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | |||||
| CVE-2008-3580 | 1 Qsoft | 1 K-links | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/. | |||||
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||