Total
12393 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
CVE-2008-0538 | 1 Phpip | 1 Phpip Management | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-0453 | 1 Easysitenetwork | 1 Recipe Website Script | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | |||||
CVE-2008-0487 | 1 The Net Guys | 1 Aspired2protect | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-6587 | 1 Plogger | 1 Plogger | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | |||||
CVE-2007-5408 | 1 Cplinks | 1 Cpdynalinks | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
CVE-2007-4778 | 1 Joomla | 1 Joomla | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777. | |||||
CVE-2008-0451 | 1 Pacercms | 1 Pacercms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | |||||
CVE-2007-6666 | 1 Zenphoto | 1 Zenphoto | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter. | |||||
CVE-2008-0520 | 1 Wordpress | 1 Wassup Plugin | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php. | |||||
CVE-2007-6275 | 1 Bcoos | 1 Bcoos | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266. | |||||
CVE-2007-6291 | 1 Xigla | 1 Absolute Banner Manager.net | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manager .NET 4.0 allows remote attackers to execute arbitrary SQL commands via the z parameter. | |||||
CVE-2006-6402 | 1 Mystats | 1 Mystats | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter. | |||||
CVE-2008-1177 | 1 Affiliate Market | 1 Affiliate Market | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2007-3938 | 1 Maxdev | 1 Mdpro | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676. | |||||
CVE-2008-0278 | 1 X7 Group | 1 X7 Chat | 2024-02-28 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action. | |||||
CVE-2007-5916 | 1 Phphelpdesk | 1 Phphelpdesk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the login page in phphelpdesk 0.6.16 allows remote attackers to execute arbitrary SQL commands via unspecified parameters related to the "login procedures." | |||||
CVE-2008-0714 | 1 Mihalism | 1 Multi Host | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action. | |||||
CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. |