Total
15691 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0295 | 1 Itlpoll | 1 Itpoll | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3131 | 1 Powie | 1 Psys | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter. | |||||
| CVE-2009-4070 | 1 Gforge | 1 Gforge | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2008-3888 | 1 Aspindir | 1 Mini Nuke Freehost | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. | |||||
| CVE-2008-3267 | 1 Mojoscripts | 1 Mojojobs | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter. | |||||
| CVE-2008-3152 | 1 Orbitscripts | 2 Smartppc, Smartppc Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. | |||||
| CVE-2008-2676 | 1 Joomla | 2 Com News Portal, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2008-3053 | 1 Typo3 | 1 Sql Frontend Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-5958 | 1 Activewebsoftwares | 1 Active Test | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp. | |||||
| CVE-2008-6443 | 1 Phpkf | 1 Phpkf | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter. | |||||
| CVE-2008-4711 | 1 Joovili | 1 Joovili | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php. | |||||
| CVE-2008-6350 | 1 Turnkeyforms | 1 Local Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
| CVE-2008-1895 | 1 Carboncommunities | 1 Carbon Communities | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action. | |||||
| CVE-2008-6730 | 1 China-on-site | 1 Flexphplink | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | |||||
| CVE-2008-0490 | 1 Wordpress | 1 Wp Cal Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4432 | 1 Codemight | 1 Videocms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action. | |||||
| CVE-2007-6518 | 1 Woltlab | 1 Burning Board Lite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters. | |||||
| CVE-2009-2152 | 1 Isabela Gasparini | 1 Adaptweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action. | |||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | |||||
| CVE-2008-1425 | 1 Easy-clanpage | 1 Easy-clanpage | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action. | |||||