Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1895 | 1 Carboncommunities | 1 Carbon Communities | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action. | |||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | |||||
| CVE-2008-1733 | 2 Joomla, Pragmaticutopia | 2 Joomla, Com Puarcade | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | |||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | |||||
| CVE-2008-1641 | 1 Efestech | 1 Video | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter. | |||||
| CVE-2008-1554 | 1 Topper | 1 Toppermod | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism. | |||||
| CVE-2008-1631 | 1 Emedia Office Gmbh | 1 Cuteflow | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php. | |||||
| CVE-2008-1613 | 1 Reddot | 1 Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter. | |||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | |||||
| CVE-2008-1549 | 1 Aeries | 1 Aeries Student Information System | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942. | |||||
| CVE-2008-1426 | 1 Kaphotoservice | 1 Kaphotoservice | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | |||||
| CVE-2008-1336 | 1 Koobi | 1 Koobi Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122. | |||||
| CVE-2008-1344 | 1 Myiosoft | 1 Easycalendar | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in a dayview action to plugins/calendar/calendar_backend.php and the (2) page parameter to ajaxp_backend.php. | |||||
| CVE-2008-1346 | 1 Myiosoft | 1 Easycalendar | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action. | |||||
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | |||||
| CVE-2008-1050 | 1 Softbiz | 1 Jokes And Funny Pictures Script | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | |||||
| CVE-2008-1122 | 1 Dream4 | 1 Koobi Pro | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0. | |||||
| CVE-2008-1137 | 2 Joomla, Mambo | 2 Com Garyscookbook, Com Garyscookbook | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-1094 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2018-10-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. | |||||