Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4884 | 1 Yourfreeworld | 1 Classifieds Hosting Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6030 | 1 Netartmedia | 1 Jobs Portal | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. | |||||
| CVE-2008-4713 | 1 212cafe | 1 212cafeboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter. | |||||
| CVE-2008-4605 | 1 Cafeengine | 1 Easycafeengine | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php. | |||||
| CVE-2008-5631 | 1 Activewebsoftwares | 1 Active Ewebquiz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4786 | 1 E107 | 2 E107, Easyshop Plugin | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-6151 | 1 Sepcity | 1 Shopping Mall | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6091 | 1 Bmforum | 1 Bmforum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter. | |||||
| CVE-2008-4356 | 1 Kasseler-cms | 1 Kasseler Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module. | |||||
| CVE-2008-4674 | 1 Conkurent | 1 Real Estate | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode. | |||||
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5192 | 1 Philboard | 1 Philboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920. | |||||
| CVE-2008-5337 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4203 | 1 Czaries | 1 Czarnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie. | |||||
| CVE-2008-4369 | 1 Availscript | 1 Availscript Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2008-4627 | 2 Rgallery, Woltlab | 2 Rgallery Plugin, Woltlab Burning Board | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php. | |||||
| CVE-2008-5267 | 1 Experts | 1 Experts | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter. | |||||
| CVE-2008-5047 | 1 Mole Group | 1 Rental Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-5785 | 1 V3chat | 1 V3 Chat Profiles Dating Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | |||||
| CVE-2008-4347 | 1 Powie | 1 Pnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||