Total
15622 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0851 | 1 Stewart Howe | 1 Celerbb | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php. | |||||
| CVE-2009-0704 | 1 Webmastersite | 1 Wsn Guest | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action. | |||||
| CVE-2008-4778 | 1 Dream4 | 1 Koobi Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action. | |||||
| CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2008-6245 | 1 Scripts-for-sites | 1 Ez Biz Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4633 | 1 Drupal | 2 Drupal, Node Clone | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote." | |||||
| CVE-2008-0652 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
| CVE-2009-2014 | 1 Joomla | 2 Com School, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | |||||
| CVE-2009-2120 | 1 Tekbase | 1 Tekbase All-in-one | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access. | |||||
| CVE-2009-0598 | 1 Phpmesfilms | 1 Phpmesfilms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PhpMesFilms 1.0 and 1.8 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3419 | 1 Intesync | 1 Miniweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter. | |||||
| CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-5163 | 1 Theratstudios | 1 The Rat Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php. | |||||
| CVE-2009-0431 | 1 Codefixer | 1 Linkspro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter. | |||||
| CVE-2008-4705 | 1 Phponlinedatingsoftware | 1 Myphpdating | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in success_story.php in php Online Dating Software MyPHPDating allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1631 | 1 Emedia Office Gmbh | 1 Cuteflow | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php. | |||||
| CVE-2008-5952 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI. | |||||
| CVE-2009-4221 | 1 Smartisoft | 1 Phpbazar | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767. | |||||
| CVE-2008-3038 | 1 Typo3 | 1 Address Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6311 | 1 Butterflymedia | 1 Butterfly Organizer | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name. | |||||