Total
12396 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-4719 | 1 212cafe | 1 212cafeboard | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0490 | 1 Wordpress | 1 Wp Cal Plugin | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2007-4552 | 1 Agares Media | 1 Arcadem | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not. | |||||
CVE-2008-0614 | 1 Photokorn | 1 Gallery | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | |||||
CVE-2008-0821 | 1 Osi Codes Inc. | 1 Phplive | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expand_question action. | |||||
CVE-2008-0185 | 1 Netrisk | 1 Netrisk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php). | |||||
CVE-2007-4953 | 1 Simpcms | 1 Simpcms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action. | |||||
CVE-2008-0772 | 2 Joomla, Mambo | 2 Com Doc, Com Doc | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | |||||
CVE-2008-0845 | 1 Wordpress | 1 Dean Logan Wp-people Plugin | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter. | |||||
CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0430 | 1 360 Web Manager | 1 360 Web Manager | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the IDFM parameter. | |||||
CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | |||||
CVE-2007-3909 | 1 Bandersnatch | 1 Bandersnatch | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors. | |||||
CVE-2008-0328 | 1 Fascript | 1 Faname | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0802 | 2 Joomla, Mediaslide | 2 Com Mediaslide, Com Mediaslide | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action. | |||||
CVE-2007-6345 | 1 Aurora | 1 Aurora Framework | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-4979 | 1 Kwsphp | 1 Kwsphp | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the sondages module in KwsPHP 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a results action, a different module than CVE-2007-4956.2. | |||||
CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-2008-0796 | 1 Nuboard | 1 Nuboard | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter. | |||||
CVE-2008-1272 | 1 Bmscripts | 1 Bm Classifieds | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php. |