Total
12396 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6538 | 2 Moodle, Mrbs | 2 Moodle, Mrbs | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0829 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Jooget, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | |||||
| CVE-2008-0689 | 1 Joomla | 1 Com Marketplace | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | |||||
| CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | |||||
| CVE-2008-1053 | 1 Phpnuke | 1 Kose Yazilari Module | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php. | |||||
| CVE-2007-6159 | 1 Tilde | 1 Tilde Cms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500. | |||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2006-7089 | 1 Ban | 1 Ban | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in connexion.php in Ban 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7116 | 1 Kubix | 1 Kubix | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php. | |||||
| CVE-2007-6311 | 1 Falt4 Cms | 1 Falt4 Extreme Rc4 | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter. | |||||
| CVE-2007-5997 | 1 Softbizscripts | 1 Banner Exchange Network Script | 2024-02-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | |||||
| CVE-2008-0514 | 2 Joomla, Mambo | 2 Glossary, Glossary | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. | |||||
| CVE-2008-0831 | 1 Joomla | 1 Rapid Recipe | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754. | |||||
| CVE-2008-0159 | 1 Eggblog | 1 Eggblog | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie. | |||||
| CVE-2008-0360 | 1 Blog Cms | 1 Blog Cms | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php. | |||||
| CVE-2007-5372 | 2 Dws Systems Inc., Ledgersmb | 2 Sql-ledger, Ledgersmb | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field. | |||||
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | |||||
| CVE-2008-0388 | 1 Wordpress | 1 Wp Forum | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the user parameter in a showprofile action to the default URI. | |||||
| CVE-2007-5766 | 1 Oracle | 1 E-business Suite | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure. | |||||