Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6330 | 1 Jaia Interactive | 1 Mytopix | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action. | |||||
| CVE-2009-0593 | 1 Plxwebdev | 1 Plx Auto Reminder | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a newar action. | |||||
| CVE-2008-6647 | 1 Ktools | 1 Photostore | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter. | |||||
| CVE-2008-6349 | 1 Turnkeyforms | 1 Business Survey Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0293 | 1 Wazzum | 1 Wazzum Dating Software | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2008-6320 | 1 Cfshopkart | 1 Cf Shopkart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. | |||||
| CVE-2008-7153 | 1 Docebo | 1 Docebo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. | |||||
| CVE-2009-0446 | 1 Web-album | 1 Webalbum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6810 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allow remote attackers to execute arbitrary SQL commands via the (1) myusername (username) and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||
| CVE-2008-6309 | 1 W3matter | 1 Askpert | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6525 | 1 Nicephpscripts | 1 Nice Php Faq Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field). | |||||
| CVE-2008-6851 | 1 Php Link Directory | 1 Php Link Directory | 2017-09-29 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-6649 | 1 Ktools | 1 Photostore | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6874 | 1 Aspsiteware | 1 Autodealer | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp. | |||||
| CVE-2008-6782 | 1 Scripts-for-sites | 1 Ez Hosting Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-6468 | 1 Dieselscripts | 1 Diesel Pay | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action. | |||||
| CVE-2009-0462 | 1 Clicktech | 1 Clickcart | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6254 | 1 Jadu | 1 Jadu Galaxies | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter. | |||||
| CVE-2008-6881 | 2 Joomla, Joompolitan | 2 Joomla\!, Com Livechat | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php. | |||||