Total
12396 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4920 | 1 Php Webquest | 1 Php Webquest | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter. | |||||
| CVE-2007-5187 | 1 Php-fusion | 1 Expanded Calendar Module | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | |||||
| CVE-2007-2111 | 1 Oracle | 1 Database Server | 2024-02-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities. | |||||
| CVE-2007-6012 | 1 Gatesoft | 1 Docusafe | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0850 | 1 Dokeos | 1 Dokeos | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php. | |||||
| CVE-2008-1164 | 1 Phpcomasy | 1 Phpcomasy | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action. | |||||
| CVE-2007-6217 | 1 Irola | 1 My-time | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5180 | 1 Ohesa Emlak Portali | 1 Ohesa Emlak Portali | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp. | |||||
| CVE-2008-0650 | 1 Simple Os Cms | 1 Simple Os Cms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1305 | 2 Chieminger, Phpbb | 2 Filebase Module, Phpbb | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6394 | 1 P3mbo | 1 Content Injector | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Content Injector 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter in an expand action. | |||||
| CVE-2007-6658 | 1 Customcms | 1 Ccms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page. | |||||
| CVE-2007-5371 | 1 Modxcms | 1 Modxcms | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter. | |||||
| CVE-2007-6462 | 1 Php Real Estate Classifieds | 1 Php Real Estate Classifieds Premium Plus | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0879 | 1 Phpnuke | 1 Web Links Module | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | |||||
| CVE-2007-6391 | 1 Sh-news | 1 Sh-news | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | |||||
| CVE-2007-5978 | 1 Xoops | 1 Mylinks Module | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter. | |||||
| CVE-2008-0142 | 1 Webportal | 1 Webportal Cms | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. | |||||
| CVE-2007-4736 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||