Total
15698 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2592 | 1 Phpjunkyard | 1 Gbook | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter. | |||||
| CVE-2008-0518 | 2 Joomla, Mambo | 2 Com Recipes, Com Recipes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-5634 | 1 Activewebsoftwares | 1 Active Force Matrix | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3414 | 1 Siteadmin | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter. | |||||
| CVE-2007-5449 | 1 Softbiz | 1 Recipes Portal Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | |||||
| CVE-2008-5070 | 1 Pro Chat Rooms | 1 Pro Chat Rooms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php. | |||||
| CVE-2008-2562 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action. | |||||
| CVE-2008-0358 | 1 Pixelpost | 1 Pixelpost | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter. | |||||
| CVE-2008-4496 | 1 Select Development Solutions | 1 Php Realtor | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter. | |||||
| CVE-2008-4912 | 1 Rs Maxsoft | 2 Fotogalerie, Rs Maxsoft | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popup_img.php in the fotogalerie module in RS MAXSOFT allows remote attackers to execute arbitrary SQL commands via the fotoID parameter. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | |||||
| CVE-2008-2669 | 1 Y-blog | 1 Yblog | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php. | |||||
| CVE-2008-4902 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2007-4952 | 1 Omnistar Interactive | 1 Omnistar Article Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917. | |||||
| CVE-2007-6171 | 1 Digium | 1 Asterisk | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Postgres Realtime Engine (res_config_pgsql) in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2009-4350 | 1 Boldfx | 1 Arctic Issue Tracker | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the (1) matchings[id] or (2) matchings[title] parameters in a Login action to an unspecified program, or (3) the matchings[id] parameter in a search action to index.php, a different vector than CVE-2008-3250. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3430 | 1 Allomani | 1 Mobile | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
| CVE-2007-5490 | 1 Okulumunsitesi | 1 Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1840 | 1 Coppermine | 1 Coppermine Photo Gallery | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload. | |||||
| CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||