Total
12841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3413 | 1 Greatclone | 1 Auction Platinum | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | |||||
| CVE-2009-3255 | 1 Thomas Cuchta | 1 Rash | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in RASH Quote Management System (RQMS) 1.2.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI. | |||||
| CVE-2009-4208 | 1 Open-school | 1 Open-school | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php. | |||||
| CVE-2009-0299 | 1 Groonesworld | 1 Glinks | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | |||||
| CVE-2008-6907 | 1 2532gigs | 1 2532gigs | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php. | |||||
| CVE-2009-2232 | 1 Softbizscripts | 1 Banner Ad Management Script | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in Softbiz Banner Ad Management Script allows remote attackers to execute arbitrary SQL commands via the size_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6038 | 1 Mapcal | 1 Mapcal | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php. | |||||
| CVE-2008-2509 | 1 Excuse Online | 1 Excuse Online | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter. | |||||
| CVE-2008-3594 | 1 Magicscripts | 2 E-store Kit-1, E-store Kit-2 | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2009-1909 | 1 Openskip | 1 Skip | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4877 | 1 Mywebcards | 1 Webcards | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1816 | 1 Mygamescript | 1 My Game Script | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3185 | 1 Comsenz | 2 Crazy Star Plugin, Discuz\! | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | |||||
| CVE-2008-2523 | 1 Raknet | 1 Autopatcher Server | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2024-02-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | |||||
| CVE-2009-3217 | 1 Wiccle | 1 Iwiccle | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | |||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | |||||
| CVE-2008-6875 | 1 Humayun Shabbir Bhutta | 1 Asp Product Catalog | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220. | |||||