Total
12390 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
CVE-2007-1302 | 1 Li-scripts | 1 Li-guestbook | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. NOTE: it was later reported that 1.2 is also affected. | |||||
CVE-2007-5688 | 3 Invision Power Services, Phpbb, Sebflipper | 3 Invision Power Board, Phpbb, Multi-forums Module | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters. | |||||
CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0936 | 1 Xoops | 1 Prayer List Module | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2006-6747 | 1 Dreaxteam | 1 Xt-news | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | |||||
CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | |||||
CVE-2008-0224 | 1 Runcms | 1 Runcms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. | |||||
CVE-2007-6517 | 1 Aeries | 1 Aeries Browser Interface | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-6467 | 1 Mkportal | 1 Mkportal | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote attackers to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action. | |||||
CVE-2007-4956 | 1 Kwsphp | 1 Kwsphp | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module. | |||||
CVE-2008-0695 | 1 Bookmarkx | 1 Script | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action. | |||||
CVE-2008-0880 | 1 Phpnuke | 1 Easycontent Module | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
CVE-2007-5222 | 1 Maxdev | 1 Mdpro | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header. | |||||
CVE-2008-0422 | 1 Boastmachine | 1 Boastmachine | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0846 | 2 Joomla, Mambo | 2 Com Profile, Com Profile | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | |||||
CVE-2007-6663 | 2 Joomla, Pragmatic Utopia | 2 Joomla, Pu Arcade | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php. | |||||
CVE-2006-5221 | 1 Cahier De Textes | 1 Cahier De Textes | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php. | |||||
CVE-2008-0750 | 1 Husrev | 1 Blackboard | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. |