Total
15679 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-3784 | 2 Btitracker Project, Xbtitracker Project | 2 Btitracker, Xbtitracker | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | |||||
CVE-2009-1741 | 1 Dutchmonkey | 1 Dm Filemanager | 2025-04-09 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | |||||
CVE-2008-5123 | 1 Castillocentral | 1 Ccleague | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
CVE-2008-1644 | 1 Savas Place | 1 Savas Link Manager | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewlinks.php in Sava's Link Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-0282 | 1 Domphp | 1 Domphp | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | |||||
CVE-2009-1548 | 1 Qsix | 1 Blusky Cms | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a read action. | |||||
CVE-2008-3070 | 1 Mybb | 1 Mybb | 2025-04-09 | 7.5 HIGH | N/A |
Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection. | |||||
CVE-2009-0672 | 1 Ravenphpscripts | 1 Ravennuke | 2025-04-09 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php. | |||||
CVE-2009-2591 | 2 E-xoopport, Runcms | 2 E-xoopport, Myannonces | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php. | |||||
CVE-2008-4072 | 1 Phsdev | 1 Phsblog | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588. | |||||
CVE-2008-1641 | 1 Efestech | 1 Video | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter. | |||||
CVE-2008-1298 | 2 Kyantonius, Php-nuke | 2 Hadith Module, Hadith Module | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php. | |||||
CVE-2009-2599 | 1 Radscripts | 1 Radclassifieds | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action. | |||||
CVE-2009-2774 | 1 Php-paid4mail | 1 Php-paid4mail | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
CVE-2008-4757 | 1 Php-daily | 1 Php-daily | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php. | |||||
CVE-2008-0650 | 1 Simple Os Cms | 1 Simple Os Cms | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-0292 | 1 Shop-inet | 1 Shop-inet | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | |||||
CVE-2008-3755 | 1 Yourfreeworld | 1 Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
CVE-2009-3778 | 2 Adam Gerson, Drupal | 2 Moodle Courselist, Drupal | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-2685 | 1 Battleblog | 1 Battleblog | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626. |