Total
12394 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0853 | 2 Joomla, Mambo | 2 Com Detail, Com Detail | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. | |||||
CVE-2008-0280 | 1 Mtcms | 1 Mtcms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. | |||||
CVE-2007-5511 | 1 Oracle | 1 Database Server | 2024-02-28 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. | |||||
CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | |||||
CVE-2008-0421 | 1 Invision Power Services | 1 Invision Gallery | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in a rate command. | |||||
CVE-2008-0856 | 1 E-vision | 1 E-vision Cms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-0255 | 1 Igamingcms | 1 Igaming Cms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
CVE-2007-4602 | 1 Implied By Design | 1 Micro Cms | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0753 | 1 Vwar | 1 Virtual War | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter. | |||||
CVE-2007-6169 | 1 Gouae | 1 Dwd Realty | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-6125 | 1 Softbiz | 1 Freelancers Script | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | |||||
CVE-2007-6143 | 1 Vu | 1 Case Manager | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
CVE-2007-4597 | 1 Turnkey Web Tools | 1 Sunshop Shopping Cart | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549. | |||||
CVE-2008-0735 | 1 Auracms | 1 Auracms | 2024-02-28 | 10.0 HIGH | N/A |
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter. | |||||
CVE-2007-4368 | 1 Ibm | 1 Rational Clearquest | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | |||||
CVE-2007-6622 | 1 Zeuscms | 1 Zeuscms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | |||||
CVE-2006-6109 | 1 Candypress | 1 Candypress Store | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp. | |||||
CVE-2007-6223 | 1 Phpbb | 1 Garage | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to execute arbitrary SQL commands via the make_id parameter in a search action in browse mode. | |||||
CVE-2008-0681 | 1 Phpshop | 1 Phpshop | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. | |||||
CVE-2007-0789 | 1 Mambo | 1 Mambo | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter. |