Total
15623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3226 | 1 Almondsoft | 2 Affiliate Network Classifieds, Almond Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6471 | 1 Mountaingrafix | 1 Easylink | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a show action. | |||||
| CVE-2008-4786 | 1 E107 | 2 E107, Easyshop Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2009-2603 | 1 E-supportportal | 1 Escon Supportportal Pro | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Escon SupportPortal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) tid parameters. | |||||
| CVE-2007-5678 | 1 Phpbasic | 1 Phpbasic | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI. | |||||
| CVE-2007-4984 | 2 Ktauber, Phpbb | 2 Stylesdemo, Phpbb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2008-2521 | 1 Yabsoft | 1 Mega File Hosting Script | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter. | |||||
| CVE-2008-5293 | 1 Bdigital Web Solutions | 1 Webstudio Ehotel | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | |||||
| CVE-2008-0853 | 2 Joomla, Mambo | 2 Com Detail, Com Detail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. | |||||
| CVE-2008-6728 | 1 Phpnuke | 1 Php-nuke | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php. | |||||
| CVE-2007-6566 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php. | |||||
| CVE-2009-2122 | 2 Paolo Palmonari, Wordpress | 2 Photoracer Plugin For Wordpress, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3383 | 1 Mojoscripts | 1 Mojoauto | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action. | |||||
| CVE-2008-2652 | 1 Smeweb | 1 Smeweb | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers to execute arbitrary SQL commands via the (1) idp and (2) category parameters. | |||||
| CVE-2008-3585 | 1 Pozscripts | 1 Greencart Php Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) product_desc.php and (2) store_info.php. | |||||
| CVE-2009-0284 | 1 Flaxweb | 1 Flax Article Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-3918 | 1 Ovidentia | 1 Ovidentia | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-4804 | 2 Nukedgallery, Phpnuke | 2 Gallery, Php-nuke | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | |||||
| CVE-2008-6210 | 1 Dream4 | 1 Koobi | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page. | |||||
| CVE-2007-6366 | 1 Sinecms | 1 Sinecms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_adm.php in a (2) Guestbook modifica or (3) Calendar modify action; or the (4) mese or (5) anno parameter to admin/mods_adm.php in a Calendar action. NOTE: the component for vectors 2 through 5 might be limited to administrators. | |||||