Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4603 | 1 Igaming | 1 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action. | |||||
| CVE-2008-5269 | 1 Powie | 1 Psys | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbitrary SQL commands via the shownews parameter. | |||||
| CVE-2008-5486 | 1 Turnkeyforms | 1 Text Link Sales | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5574 | 1 Unscripts | 1 Webmaster Marketplace | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
| CVE-2008-6076 | 2 Jlleblanc, Joomla | 2 Com Dailymessage, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-6114 | 2 E107, Mytipper | 2 E107, Zogo Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 allows remote attackers to execute arbitrary SQL commands via the product parameter. | |||||
| CVE-2008-5950 | 1 Aspapps | 1 Template Creature | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter. | |||||
| CVE-2008-5973 | 1 Activewebsoftwares | 1 Active Web Mail | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||||
| CVE-2008-4350 | 1 Vblogix | 1 Tutorial Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-5779 | 1 Flds Script | 1 Flds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4625 | 2 Shiftthis, Wordpress | 2 Shifthis Newsletter, Wordpress | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683. | |||||
| CVE-2008-4890 | 1 1st News | 1 4 Professional | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | |||||
| CVE-2008-4150 | 1 Dieselscripts | 1 Diesel Joke Site | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in picture_category.php in Diesel Joke Site allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3763. | |||||
| CVE-2008-5607 | 2 Joomitaly, Joomla | 2 Jmovies, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-4357 | 1 Powie | 1 Plink | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4606 | 1 Ip Reg | 1 Ip Reg | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579. | |||||
| CVE-2008-4883 | 1 Yourfreeworld | 1 Blog Blaster Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5070 | 1 Pro Chat Rooms | 1 Pro Chat Rooms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php. | |||||