Total
12919 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0286 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | |||||
| CVE-2003-1530 | 1 Phpbb | 1 Phpbb | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. | |||||
| CVE-2003-1458 | 1 Ttcms | 2 Ttcms, Ttforum | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name. | |||||
| CVE-2002-2391 | 2 Webchat.org, Xoops | 2 Webchat, Xoops | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. | |||||
| CVE-2003-0377 | 1 Iisprotect | 1 Iisprotect | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. | |||||
| CVE-2003-1523 | 1 Dbmail | 1 Dbmail | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors. | |||||
| CVE-2002-2383 | 1 F2html.pl | 1 F2html.pl | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names. | |||||
| CVE-2003-1340 | 1 Phpnuke | 1 Php-nuke | 2024-02-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | |||||
| CVE-2003-0845 | 1 Jboss | 1 Jboss | 2024-02-28 | 7.5 HIGH | N/A |
| Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | |||||
| CVE-2004-1339 | 1 Oracle | 2 Database Server, Oracle9i | 2024-02-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. | |||||
| CVE-2003-1533 | 1 Phppass | 1 Phppass | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | |||||
| CVE-2002-2305 | 1 Phpsecure.org | 1 Immobilier | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter. | |||||
| CVE-2002-0999 | 1 Care 2002 | 1 Care 2002 | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. | |||||
| CVE-2002-2252 | 1 Atthat.com | 1 Thatware | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. | |||||
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2024-02-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2002-2304 | 1 Myphpsoft | 1 Myphplinks | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter. | |||||
| CVE-2004-1553 | 1 Fullrevolution | 1 Aspwebalbum | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | |||||
| CVE-2003-1435 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | |||||
| CVE-2003-1504 | 1 Goldscripts | 1 Goldlink | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php. | |||||