Total
15704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5122 | 1 Ektron | 1 Cms4000.net | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. | |||||
| CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4778 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777. | |||||
| CVE-2008-4621 | 1 Zeescripts | 1 Zeeproperty | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | |||||
| CVE-2009-4104 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php. | |||||
| CVE-2006-6038 | 1 Powie | 1 Pforum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6917 | 1 Exoscripts | 1 Exophpdesk | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | |||||
| CVE-2009-2148 | 1 Campusvirtualcomputrade | 1 Campus Virtual-lms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | |||||
| CVE-2008-2036 | 1 Dream4 | 1 Koobi | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action. | |||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-3308 | 1 Fanupdate | 1 Fanupdate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||||
| CVE-2007-4846 | 1 Webace | 1 Webace-linkscript | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik go action. | |||||
| CVE-2008-3756 | 1 Yourfreeworld | 1 Viral Marketing Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5192 | 1 Philboard | 1 Philboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920. | |||||
| CVE-2007-3933 | 1 Quickestore | 1 Quickestore | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. | |||||
| CVE-2009-2428 | 1 Tauschregal.de | 1 Tausch Ticket Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors. | |||||
| CVE-2007-6299 | 1 Drupal | 1 Drupal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules. | |||||
| CVE-2008-5888 | 1 Icash | 1 Click\&rank | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp). NOTE: some of these details are obtained from third party information. | |||||