Total
15643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2025-04-03 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2006-0115 | 1 Oneplug Solutions | 1 Oneplug Cms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug CMS allow remote attackers to execute arbitrary SQL commands via the (1) Press_Release_ID parameter in press/details.asp, (2) Service_ID parameter in services/details.asp, and (3) Product_ID parameter in products/details.asp. | |||||
| CVE-2006-1501 | 1 Oneorzero | 1 Oneorzero | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action. | |||||
| CVE-2005-3046 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-04-03 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field. | |||||
| CVE-2006-0959 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected. | |||||
| CVE-2006-3048 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | |||||
| CVE-2006-0403 | 1 E-moblog | 1 E-moblog | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect. | |||||
| CVE-2003-1244 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | |||||
| CVE-2005-4071 | 1 Cfmagic | 1 Magic Forum Personal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal 2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ForumID parameter in view_forum.cfm, and (2) ForumID, (3) Thread, and (4) ThreadID parameters in view_thread.cfm. | |||||
| CVE-2006-0199 | 1 Mini-nuke | 1 Cms System | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | |||||
| CVE-2006-1871 | 1 Oracle | 1 Database Server | 2025-04-03 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06. | |||||
| CVE-2006-2416 | 1 E107 | 1 E107 | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name']. | |||||
| CVE-2005-4382 | 1 Citysoft | 1 Community Enterprise | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the (1) nodeID, (2) pageID, (3) ID, and (4) parentid parameter to index.cfm; and (5) documentFormatId parameter to document/docWindow.cfm. | |||||
| CVE-2006-2157 | 1 Plogger | 1 Plogger | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". NOTE: This is a different vulnerability than CVE-2005-4246. | |||||
| CVE-2003-1530 | 1 Phpbb | 1 Phpbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. | |||||
| CVE-2006-3775 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SERVER['HTTP_CLIENT_IP'] variable), as utilized by index.php. | |||||
| CVE-2006-4734 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL commands via the (1) pid and (2) where parameters. | |||||
| CVE-2005-4228 | 1 Phpwebgallery | 1 Phpwebgallery | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php. NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier. | |||||
| CVE-2006-1360 | 1 Musicbox | 1 Musicbox | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) type, or (3) show parameter to (a) index.php; or the (4) message1 or (5) message parameter to (b) cart.php. | |||||
| CVE-2005-4246 | 1 Plogger | 1 Plogger | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Plogger Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php and (2) page parameter. | |||||