Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6332 | 1 Simplecustomer | 1 Simple Customer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | |||||
| CVE-2008-6725 | 1 Cmscout | 1 Cmscout | 2017-09-29 | 6.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php. | |||||
| CVE-2008-6812 | 1 Surat Kabar | 1 Phpwebnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter. | |||||
| CVE-2008-6226 | 1 Preproject | 1 Php Auto Listings Script | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter. | |||||
| CVE-2008-6632 | 1 Mercuryboard | 1 Mercuryboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']). | |||||
| CVE-2008-6319 | 1 Cfmsource | 1 Cf Calendar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | |||||
| CVE-2009-0379 | 1 Joomla | 2 Com Pcchess, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. | |||||
| CVE-2008-6907 | 1 2532gigs | 1 2532gigs | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php. | |||||
| CVE-2009-0252 | 1 Enthrallweb | 1 Ereservations | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0528 | 1 Rhadrix | 1 If-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6365 | 1 Adserversolutions | 1 Ad Management Software | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6608 | 1 Developiteasy | 1 Events Calendar | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0574 | 1 Cafeengine | 1 Easycafeengine | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-4604. | |||||
| CVE-2009-0707 | 1 Powerscripts | 1 Powerclan | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6626 | 1 Webbdomain | 1 Quiz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6781 | 1 Scripts-for-sites | 1 Ez Gaming Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6805 | 1 Micgr | 1 Mic Blog | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php. | |||||
| CVE-2008-6350 | 1 Turnkeyforms | 1 Local Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||