Total
15625 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | |||||
| CVE-2008-5064 | 1 H\&h | 1 Websoccer | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4393 | 2 Daniel Ptzinger, Typo3 | 2 Danp Documentdirs, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-1952 | 1 Propertymaxpro | 1 Propertymax Pro Free | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-0881 | 1 Josema Enzo | 1 Isiajax | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0420 | 2 Joomla, Rd-media | 2 Joomla, Rd-autos | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-3774 | 1 Simasy | 1 Simasy Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-5242 | 1 Etomite | 1 Etomite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Etomite Content Management System (CMS) before 0.6.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-1346 | 1 Myiosoft | 1 Easycalendar | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action. | |||||
| CVE-2009-0384 | 1 Adam Tomecek | 1 Ownrs | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4883 | 1 Yourfreeworld | 1 Blog Blaster Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6648 | 1 Ktools | 1 Photostore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647. | |||||
| CVE-2008-6236 | 1 Cafuego | 1 Simple Document Management System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3845 | 1 Craftysyntax | 1 Crafty Syntax Live Help | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php. | |||||
| CVE-2008-3119 | 1 Dreamlevels | 1 Dream Pics Builder | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2007-5189 | 1 X-script | 1 Guestbook | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) icq, and (4) website parameters. | |||||
| CVE-2009-0741 | 1 Craftsilicon | 1 Banking\@home | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter. | |||||
| CVE-2008-3787 | 1 Nullscripts | 1 Web Directory Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-3310 | 1 Preproject | 1 Pre Survey Poll | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2009-3503 | 1 Bpowerhouse | 1 Bpholidaylettings | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. | |||||