Total
12395 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0270 | 1 Taskfreak | 1 Taskfreak | 2024-02-28 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. | |||||
CVE-2007-5104 | 1 Bcoos | 1 Bcoos | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-0683 | 1 Wordpress | 1 St Newsletter Plugin | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | |||||
CVE-2007-6580 | 1 Wallpaper | 1 Wallpaper Complete Website | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php. | |||||
CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | |||||
CVE-2008-1219 | 1 Phpnuke | 1 Kutubisitte Component | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the kid parameter in a hadisgoster action to modules.php. | |||||
CVE-2008-0835 | 1 Simple Cms | 1 Simple Cms | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter. | |||||
CVE-2007-5887 | 1 Infuseum | 1 Asp Message Board | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2007-3119 | 1 Kartli Alisveris Sistemi | 1 Kartli Alisveris Sistemi | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
CVE-2007-3705 | 1 Fusetalk | 1 Fusetalk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm. | |||||
CVE-2008-0943 | 1 Aeries | 1 Aeries Student Information System | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. | |||||
CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | |||||
CVE-2007-0582 | 1 Chernobile | 1 Chernobile | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field. | |||||
CVE-2008-0154 | 1 Evilboard | 1 Evilboard | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter. | |||||
CVE-2008-1121 | 1 Eazyportal | 1 Eazyportal | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the session_vars cookie. | |||||
CVE-2008-0173 | 1 Gforge | 1 Gforge | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports. | |||||
CVE-2008-0447 | 1 Foojan | 1 Php Weblog | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 allows remote attackers to execute arbitrary SQL commands via the story parameter. | |||||
CVE-2007-6164 | 1 Eurologon | 1 Eurologon Cms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Eurologon CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) reviews.php, (2) links.php and (3) articles.php. | |||||
CVE-2007-5308 | 1 Php Homepage M | 1 Php Homepage M | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | |||||
CVE-2008-0842 | 1 Joomla | 1 Com Clasifier | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. |