Total
15705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2402 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355. | |||||
| CVE-2008-0468 | 1 Flinx | 1 Flinx | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Flinx 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5788 | 1 Domainsellerpro | 1 Domain Seller Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-2534 | 1 Phphoo3 | 1 Phphoo3 | 2025-04-09 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use | |||||
| CVE-2007-5630 | 1 Bbsprocess | 1 Bbportals | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action. | |||||
| CVE-2008-6029 | 1 Buzzywall | 1 Buzzywall | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2009-1910 | 1 Rafal Kucharski | 1 Rtwebalbum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter. | |||||
| CVE-2008-0906 | 1 Php-nuke | 1 Php-nuke Module Docum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation. | |||||
| CVE-2008-1404 | 1 Exv2 | 1 Exv2 | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. | |||||
| CVE-2008-6069 | 2 123flashchat, E107 | 2 Echat Plugin, E107 | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 for e107, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter. | |||||
| CVE-2009-2883 | 1 Arabless | 1 Saphplesson | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php. | |||||
| CVE-2008-6405 | 1 Greatclone | 1 Hotscripts Clone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0299 | 1 Groonesworld | 1 Glinks | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2009-0831 | 1 Php-fusion | 2 Members Cv Module, Php-fusion | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter. | |||||
| CVE-2008-4044 | 1 Aj Square | 1 Aj Hyip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter. | |||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | |||||
| CVE-2008-4881 | 1 Yourfreeworld | 1 Reminder Service Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6026 | 1 Bluecube | 1 Bluecube Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3758 | 1 Citrix | 1 Xencenterweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||