Total
15698 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3813 | 1 Runcms | 1 Runcms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php. | |||||
| CVE-2008-6865 | 2 Php-nuke, Phpnuke | 2 Sections Module, Php-nuke | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action. | |||||
| CVE-2008-6390 | 1 Ocean12tech | 1 Membership Manager Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6813 | 1 Surat Kabar | 1 Phpwebnews | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter. | |||||
| CVE-2008-3785 | 1 Miacms | 1 Miacms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php. | |||||
| CVE-2009-3501 | 1 Bpowerhouse | 1 Bpstudents | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action. | |||||
| CVE-2008-6148 | 2 Joomla, Raven-worx | 2 Joomla, Liveticker | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php. | |||||
| CVE-2008-6345 | 1 Cms.maury91 | 1 Solarcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2453 | 1 Phpclassifiedsscript | 1 Php Classifieds Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php. | |||||
| CVE-2009-3974 | 1 Invisioncommunity | 1 Invision Power Board | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number. | |||||
| CVE-2008-3754 | 1 Yourfreeworld | 1 Stylish Text Ads Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1918 | 1 Php-fusion | 1 Php-fusion | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected. | |||||
| CVE-2008-6989 | 1 Ezphotogallery | 1 Ezphotogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-5934 | 1 Cmsisweb | 1 Cms Isweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter. | |||||
| CVE-2008-2819 | 1 Blognplus | 1 Blognplus | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4176 | 1 Asp Indir | 1 Fot Video Scripti | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter. | |||||
| CVE-2009-4477 | 1 Xstate | 1 Real Estate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2007-6727 | 1 Max Kervin | 1 Kervinet Forum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
| CVE-2008-6464 | 1 Mevin | 1 Basic-php-events-lister | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||