Total
12841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4202 | 1 Gonafish | 1 Linkscaffepro | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action. | |||||
| CVE-2008-6078 | 1 Limbo Cms | 2 Com Privmsg, Limbo Cms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php. | |||||
| CVE-2008-6392 | 1 1scripts | 1 Z1exchange | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4186 | 1 Webcms | 1 Webcms Portal Edition | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-5058 | 1 Preproject | 1 Pre Simple Cms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3806 | 1 Dedecms | 1 Dedecms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter. | |||||
| CVE-2008-6781 | 1 Scripts-for-sites | 1 Ez Gaming Directory | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2009-3193 | 2 Joomla, Uwix | 2 Joomla, Com Digifolio | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | |||||
| CVE-2009-2616 | 1 Datachecknh | 1 Sitepal | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2671 | 1 Dcfm Blog | 1 Dcfm Blog | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6443 | 1 Phpkf | 1 Phpkf | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter. | |||||
| CVE-2008-4711 | 1 Joovili | 1 Joovili | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php. | |||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||
| CVE-2008-5573 | 1 Adcomplete | 1 Poll Pro | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. | |||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2009-1852 | 1 Graphiks | 1 Myforum | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | |||||
| CVE-2009-2023 | 1 Shop-script | 1 Shop-script | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the current_currency parameter. | |||||
| CVE-2008-5004 | 1 Mywebland | 1 Bloggie Lite | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | |||||
| CVE-2008-3090 | 1 Blognplus | 1 Blognplus | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819. | |||||