Total
15704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2337 | 1 W3bcms | 2 Gaestebuch Guestbook Module, W3bcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spam_id parameter. | |||||
| CVE-2009-3315 | 1 Nelogic | 1 Nephp Publisher | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field. | |||||
| CVE-2008-6320 | 1 Cfshopkart | 1 Cf Shopkart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. | |||||
| CVE-2009-0400 | 1 Socialengine | 1 Socialengine | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-3413 | 1 Greatclone | 1 Auction Platinum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | |||||
| CVE-2007-5061 | 1 Clansphere | 1 Clansphere | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action. | |||||
| CVE-2008-2632 | 1 Joomla | 2 Com Acctexp, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | |||||
| CVE-2009-1033 | 1 Deluxebb | 1 Deluxebb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503. | |||||
| CVE-2008-3507 | 1 Wogan May | 1 Litenews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2007-4835 | 1 Phpmyquote | 1 Phpmyquote | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2009-4296 | 2 Brian Miller, Drupal | 2 Taxonomy Timer, Drupal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-3494 | 1 Todor Lazarov | 1 T-htb Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name parameter in an update_category action, and other vectors. | |||||
| CVE-2008-6369 | 1 Ocean12tech | 1 Contact Manager Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. | |||||
| CVE-2008-6526 | 1 Bosdev | 1 Bos Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2008-1838. | |||||
| CVE-2009-1362 | 1 Chcounter | 1 Chcounter | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | |||||
| CVE-2008-3722 | 1 Fipsasp | 1 Fipscms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0606 | 3 Joomla, Mambo, Phil Taylor | 3 Com Shambo2, Com Shambo2, Shambo2 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | |||||
| CVE-2008-2118 | 1 Project Alumni | 1 Project Alumni | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3765 | 1 Discountedscripts | 1 Quick Poll Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||