Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0363 | 1 Clever Copy | 1 Clever Copy | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php. | |||||
| CVE-2008-0385 | 1 Urulu | 1 Urulu | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO. | |||||
| CVE-2008-0383 | 1 Mybb | 1 Mybb | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php. | |||||
| CVE-2008-0267 | 1 Eticket | 1 Eticket | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. | |||||
| CVE-2008-0288 | 1 Imagealbum | 1 Imagealbum | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action. | |||||
| CVE-2008-0185 | 1 Netrisk | 1 Netrisk | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php). | |||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | |||||
| CVE-2008-0280 | 1 Mtcms | 1 Mtcms | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. | |||||
| CVE-2008-0253 | 1 Binn | 1 Sbuilder | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter. | |||||
| CVE-2007-6671 | 1 Instantsoftwares | 1 Dating Site | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6658 | 1 Customcms | 1 Ccms | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page. | |||||
| CVE-2007-6634 | 1 Netbizcity | 1 Faqmasterflexplus | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts. | |||||
| CVE-2007-6538 | 2 Moodle, Mrbs | 2 Moodle, Mrbs | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6559 | 1 Logaholic | 1 Logaholic | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php. | |||||
| CVE-2007-6566 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php. | |||||
| CVE-2007-6540 | 1 Neuron | 1 News | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/. | |||||
| CVE-2007-6544 | 1 Runcms | 1 Runcms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/. | |||||
| CVE-2007-6565 | 1 Blakord | 1 Blakord Portal | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component. | |||||
| CVE-2007-6498 | 1 Hosting Controller | 1 Hosting Controller | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts/accountmanager.asp, (4) the GateWayID parameter to OpenApi/GatewayVariables.asp, and possibly (5) unspecified vectors to IIS/iibind.asp. | |||||
| CVE-2007-6491 | 1 Kvaliitti | 1 Webdoc Cms | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp. | |||||