Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6081 | 1 Simplecustomer | 1 Simple Customer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4460 | 1 Vastal I-tech | 1 Mmorpg Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter. | |||||
| CVE-2008-4379 | 1 Mr. Cgi Guy | 1 Hot Links Sql Php | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2008-4345 | 1 Webportal | 1 Webportal Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter. | |||||
| CVE-2008-5170 | 1 Easysitenetwork | 1 Cheats Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. | |||||
| CVE-2008-6064 | 1 Domphp | 1 Domphp | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors. | |||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-4755 | 1 Pozscripts | 1 Classified Auctions Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5895 | 1 Mediatheka | 1 Mediatheka | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2008-5494 | 2 Digitalgreys, Joomla | 2 Com Contactinfo, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2008-5806 | 1 Deltascripts | 1 Php Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | |||||
| CVE-2008-4175 | 1 Linkbidscript | 1 Linkbidscript | 2017-09-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php. | |||||
| CVE-2008-5311 | 1 Netart Media | 1 Blog System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5652 | 1 Myiosoft | 1 Easybookmarker | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4716 | 1 Scriptdemo | 1 Php-lance | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-5727 | 1 Netcat | 1 Netcat | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. | |||||
| CVE-2008-5767 | 1 Gazatem | 1 Gnews Publisher | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. | |||||
| CVE-2008-4241 | 1 Cj | 1 Ultra Plus | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie. | |||||
| CVE-2008-4753 | 1 Aj Square Inc | 1 Rss Reader | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||