Total
15612 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4203 | 1 Arabportal | 1 Arab Portal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/. | |||||
| CVE-2009-2310 | 1 Bow Der Kleine | 1 X-blc | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2008-5197 | 1 Php-fusion | 1 Php-fusion | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the lid parameter in a detail_adverts action. | |||||
| CVE-2007-6269 | 1 Xigla | 1 Absolute News Manager.net | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters. | |||||
| CVE-2009-4305 | 1 Moodle | 1 Moodle | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)." | |||||
| CVE-2008-4431 | 1 Icebb | 1 Icebb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | |||||
| CVE-2009-4084 | 1 E107 | 1 E107 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the search feature in e107 0.7.16 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-3804 | 1 Runcms | 1 Runcms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter. | |||||
| CVE-2009-4600 | 1 Netartmedia | 1 Media Real Estate Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3512 | 1 Php Nuke | 1 Kleinanzeigen Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php. | |||||
| CVE-2009-0851 | 1 Stewart Howe | 1 Celerbb | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php. | |||||
| CVE-2009-0704 | 1 Webmastersite | 1 Wsn Guest | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action. | |||||
| CVE-2008-4778 | 1 Dream4 | 1 Koobi Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action. | |||||
| CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2008-6245 | 1 Scripts-for-sites | 1 Ez Biz Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4633 | 1 Drupal | 2 Drupal, Node Clone | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote." | |||||
| CVE-2008-0652 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
| CVE-2009-2014 | 1 Joomla | 2 Com School, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | |||||
| CVE-2009-2120 | 1 Tekbase | 1 Tekbase All-in-one | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access. | |||||
| CVE-2009-0598 | 1 Phpmesfilms | 1 Phpmesfilms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PhpMesFilms 1.0 and 1.8 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||