Total
15623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4845 | 1 Rwscripts.com | 1 Rw Download Lite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter. | |||||
| CVE-2009-1945 | 1 Tzo | 1 Webcal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | |||||
| CVE-2008-2688 | 1 Pilotcart | 1 Pilot Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action. | |||||
| CVE-2008-3089 | 1 Xpoze | 1 Xpoze Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2008-2626 | 1 Battleblog | 1 Battleblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter. | |||||
| CVE-2007-5485 | 1 Kwsphp | 1 Kwsphp | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the album parameter. | |||||
| CVE-2008-0262 | 1 Agares Media | 1 Phpautovideo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter. | |||||
| CVE-2008-1305 | 2 Chieminger, Phpbb | 2 Filebase Module, Phpbb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7138 | 1 Oracle | 1 Apex | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven. | |||||
| CVE-2008-4145 | 1 Addalink | 1 Addalink | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-3943 | 1 Ezonescripts | 1 Living Local | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
| CVE-2008-3370 | 1 Emc | 1 Centera Universal Access | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. | |||||
| CVE-2007-6143 | 1 Vu | 1 Case Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-2919 | 1 Gryphonllc | 1 Gryphon Gllcts2 | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter. | |||||
| CVE-2007-6288 | 1 Tecnick.com | 1 Tcexam | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6606 | 1 Matpo | 1 Matpo Link | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2416 | 1 Fichive | 1 Fichive | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. | |||||
| CVE-2009-0462 | 1 Clicktech | 1 Clickcart | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1626 | 1 Will Kraft | 1 Ez-blog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-2765 | 1 Xigla | 1 Absolute Image Gallery Xe | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | |||||