Total
15703 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0185 | 1 Netrisk | 1 Netrisk | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php). | |||||
CVE-2008-3347 | 1 Myiosoft | 1 Easydynamicpages | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter. | |||||
CVE-2009-1500 | 1 Projectcms | 1 Projectcms | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter. | |||||
CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | |||||
CVE-2007-5974 | 1 Jportal | 1 Jportal Web Portal | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | |||||
CVE-2008-2754 | 1 Efiction | 1 Efiction | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter. | |||||
CVE-2007-3909 | 1 Bandersnatch | 1 Bandersnatch | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors. | |||||
CVE-2008-3445 | 1 Phpmyrealty | 1 Phpmyrealty | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execute arbitrary SQL commands via the location parameter. | |||||
CVE-2008-2477 | 1 Mx-system | 1 Mxbb Portal | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
CVE-2009-3314 | 1 Eliteladders | 1 Elite Gaming Ladders | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter. | |||||
CVE-2008-3944 | 1 Discountedscripts | 1 Acg Ptp | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows remote attackers to execute arbitrary SQL commands via the adid parameter in an adorder action. | |||||
CVE-2009-4392 | 1 Typo3 | 2 Typo3, Xds Staff | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2007-4456 | 2 Mambo, Parkview Consultants | 2 Mambo, Simplefaq | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo. | |||||
CVE-2008-4461 | 1 Vastal I-tech | 1 Dating Zone | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter. | |||||
CVE-2008-0487 | 1 The Net Guys | 1 Aspired2protect | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-4642 | 1 Astrospaces | 1 Astrospaces | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
CVE-2008-3035 | 1 Xchangeboard | 1 Xchangeboard | 2025-04-09 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter. | |||||
CVE-2008-3554 | 1 Comsenz | 1 Discuz | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action. | |||||
CVE-2008-6463 | 2 Fr.simon Rundell, Typo3 | 2 Pd Churchsearch, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-5122 | 1 Ektron | 1 Cms4000.net | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. |