Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7267 | 1 Boka | 1 Siteengine | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-7030 | 1 Site2nite | 1 Real Estate Web | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | |||||
| CVE-2008-7091 | 1 Pligg | 1 Pligg Cms | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php. | |||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2008-7145 | 1 Coronamatrix | 1 Phpaddressbook | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters. | |||||
| CVE-2008-6572 | 1 Abledating | 1 Abledating | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2008-6989 | 1 Ezphotogallery | 1 Ezphotogallery | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-6618 | 1 Netlab | 1 Classsystem | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php. | |||||
| CVE-2008-6593 | 2 Lightneasy, Sqlite | 2 Lightneasy, Sqlite | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php. | |||||
| CVE-2008-6250 | 1 Comdev | 1 Comdev Web Blogger | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. | |||||
| CVE-2008-6266 | 1 Appstate | 1 Phpwebsite | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | |||||
| CVE-2008-6180 | 1 Newlife Blogger | 1 Newlife Blogger | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie. | |||||
| CVE-2008-6255 | 1 Vbulletin | 1 Vbulletin | 2018-10-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. | |||||
| CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6980 | 1 Phpadultsite | 1 Phpadultsite Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6728 | 1 Phpnuke | 1 Php-nuke | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php. | |||||
| CVE-2008-6427 | 1 Hivemaker | 1 Hivemaker | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-6418 | 1 Torrenttrader | 1 Torrenttrader | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | |||||
| CVE-2008-6509 | 1 Igniterealtime | 1 Openfire | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. | |||||