Total
15623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5649 | 1 Alstrasoft | 1 Article Manager Pro | 2025-04-09 | 10.0 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-4396 | 2 Fr.simon Rundell, Typo3 | 2 Pd Resources, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | |||||
| CVE-2008-1349 | 1 Exv2 | 2 Bamagalerie, Exv2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | |||||
| CVE-2008-6261 | 1 E-topbiz | 1 Admanager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter. | |||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | |||||
| CVE-2008-3599 | 1 Openimpro | 1 Openimpro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-7044 | 1 Ajsquare | 1 Free Polling Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter. | |||||
| CVE-2009-1843 | 1 Glenn Mcgurrin | 1 Flash Quiz | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question.php; and the (2) order_number parameter to (g) answers.php and (h) question.php. | |||||
| CVE-2008-0939 | 1 Wordpress | 1 Photo Album Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4516 | 1 Galerie | 1 Galerie | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter. | |||||
| CVE-2008-6422 | 1 Psychostats | 1 Psychostats | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php. | |||||
| CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | |||||
| CVE-2008-4459 | 1 Extrovert Software | 1 Thyme | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1813 | 1 Submitterscript | 1 Submitterscript | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via (1) the uNev parameter (aka the username field) or (2) the uJelszo parameter (aka the Password field). | |||||
| CVE-2008-4715 | 1 Jpad Project | 1 Jpad | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | |||||
| CVE-2009-2590 | 1 Resalecode | 1 Hutscripts Php Website Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-4713 | 1 212cafe | 1 212cafeboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter. | |||||
| CVE-2008-4643 | 1 Mywebland | 1 Mystats | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | |||||