Total
12380 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6172 | 1 Wire Plastic Design | 1 Wpquiz | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php. | |||||
CVE-2007-6634 | 1 Netbizcity | 1 Faqmasterflexplus | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts. | |||||
CVE-2007-5123 | 1 Solidweb | 1 Novus | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary SQL commands via the nota_id parameter. | |||||
CVE-2007-6078 | 1 Skyportal | 1 Skyportal | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action. | |||||
CVE-2008-1297 | 3 Ewriting, Joomla, Mambo | 3 Ewriting, Com Ewriting, Com Ewriting | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | |||||
CVE-2007-6602 | 1 Noserub | 1 Noserub | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script. | |||||
CVE-2008-0839 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0279 | 1 Xforum | 1 Xforum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | |||||
CVE-2007-1250 | 1 Angel Learning | 1 Learning Management Suite | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0468 | 1 Flinx | 1 Flinx | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in category.php in Flinx 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
CVE-2007-1302 | 1 Li-scripts | 1 Li-guestbook | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. NOTE: it was later reported that 1.2 is also affected. | |||||
CVE-2007-5688 | 3 Invision Power Services, Phpbb, Sebflipper | 3 Invision Power Board, Phpbb, Multi-forums Module | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters. | |||||
CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0936 | 1 Xoops | 1 Prayer List Module | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2006-6747 | 1 Dreaxteam | 1 Xt-news | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | |||||
CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | |||||
CVE-2008-0224 | 1 Runcms | 1 Runcms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. | |||||
CVE-2007-6517 | 1 Aeries | 1 Aeries Browser Interface | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information. |