Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3848 | 1 Pdesigner | 1 Z-breaknews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2919 | 1 Gryphonllc | 1 Gryphon Gllcts2 | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter. | |||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2504 | 1 Simpel Side | 1 Netbutik | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter to product.php. | |||||
| CVE-2008-3580 | 1 Qsoft | 1 K-links | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/. | |||||
| CVE-2008-3755 | 1 Yourfreeworld | 1 Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-3241 | 1 Ultrastats | 1 Ultrastats | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2535 | 1 Fkrauthan | 1 Phoenix View Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/. | |||||
| CVE-2008-2691 | 1 Jiro | 1 Faq Manager Experience | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter. | |||||
| CVE-2008-3204 | 1 E-topbiz | 1 Million Pixels | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. | |||||
| CVE-2008-2263 | 1 Cmsnx | 1 Automated Link Exchange Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. | |||||
| CVE-2008-2629 | 2 Drupal, Lifetype | 2 Drupal, Lifetype | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LifeType (formerly pLog) module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php. | |||||
| CVE-2008-2095 | 3 Joomla, Mambo, Page-flip-tools | 3 Com Flippingbook, Com Flippingbook, Flipping Book | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | |||||
| CVE-2008-3254 | 1 Precoc | 1 Precms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a UserProfil action. | |||||
| CVE-2008-2530 | 1 Quickupcms | 1 Quickupcms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter to (a) frontend/news.php, the (2) id parameter to (b) events3.php and (c) videos2.php in frontend/, the (3) y parameter to (d) frontend/events2.php, and the (4) ser parameter to (e) frontend/fotos2.php. | |||||
| CVE-2008-2444 | 1 Calogic | 1 Calogic Calendars | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter. | |||||
| CVE-2008-3674 | 1 Pozscripts | 1 Tubeguru Video Sharing Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2008-2627 | 1 Joomla | 1 Com Idoblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | |||||
| CVE-2008-3153 | 1 Tritoncms | 1 Triton Cms Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | |||||