Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6181 | 2 Joomla, Mad4media | 2 Joomla, Com Mad4joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php. | |||||
| CVE-2008-6582 | 1 Miniweb2 | 1 Miniweb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
| CVE-2008-6794 | 1 Sfs Ez Pub | 1 Fsf Ex Pub | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | |||||
| CVE-2008-7097 | 1 Qsoft-inc | 1 K-rate | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/functions.php, and (4) unspecified variables in modules/chat.php, as demonstrated via the (a) show parameter in an online action to index.php; (b) PATH_INTO to the room/ handler; (c) image and (d) id parameters in a vote action to index.php; (e) PATH_INFO to the blog/ handler; and (f) id parameter in a blog_edit action to index.php. | |||||
| CVE-2008-6527 | 1 Go4i | 1 Go41.net Asp Forum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the iFor parameter. | |||||
| CVE-2008-6789 | 1 Minddezign | 1 Photo Gallery | 2017-09-29 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788. | |||||
| CVE-2008-6353 | 1 Asp-cms | 1 Asp-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter. | |||||
| CVE-2009-0740 | 1 Frankmancuso | 1 Bluebird | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in BlueBird Prelease allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters. | |||||
| CVE-2008-6258 | 1 Quadcomm | 1 Q-shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | |||||
| CVE-2008-6923 | 1 Joomla | 2 Com Content, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php. | |||||
| CVE-2008-6795 | 1 Niclor | 1 Vibro-school-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote attackers to execute arbitrary SQL commands via the nID parameter. | |||||
| CVE-2008-6237 | 1 Scripts-for-sites | 1 Hotscripts-like Site | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6358 | 1 Socialgroupie | 1 Social Groupie | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6784 | 1 Scripts-for-sites | 1 Ez Adult Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-6249 | 1 Gwm | 1 Galatolo Webmanager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6333 | 1 Matthew General | 1 Rss Simple News | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2009-0384 | 1 Adam Tomecek | 1 Ownrs | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0400 | 1 Socialengine | 1 Socialengine | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-6322 | 1 Cfmsource | 1 Cfmblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | |||||