Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4992 | 1 Script-shop24 | 1 Lm Starmail Paidmail | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2009-4721 | 1 Andrews-web | 1 Aw-bannerad | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4733 | 1 Supercrackmunkey | 1 Simpleloginsys | 2017-09-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4892 | 1 Webjump | 1 Webjump\! | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php. | |||||
| CVE-2009-4891 | 1 Cs-cart | 1 Cs-cart | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action. | |||||
| CVE-2009-4807 | 1 Graugon | 1 Php Article Publisher | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php. | |||||
| CVE-2009-4860 | 1 Demarque | 1 Typing Pal | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idTableProduit parameter. | |||||
| CVE-2009-3310 | 1 Shalwan | 1 Zainu | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the album_id parameter in an AlbumSongs action. | |||||
| CVE-2009-3336 | 1 Phpprobid | 1 Php Pro Bid | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter. | |||||
| CVE-2009-2921 | 1 Mocdesigns | 1 Php News | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspassword parameter (Password field). | |||||
| CVE-2009-2389 | 1 Usolved | 1 Newsolved | 2017-09-19 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2) idneu parameter in an archive action, or (3) the newsid parameter. | |||||
| CVE-2009-2383 | 2 Blogtrafficexchange, Wordpress | 2 Related-sites, Wordpress | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter. | |||||
| CVE-2009-3419 | 1 Intesync | 1 Miniweb | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter. | |||||
| CVE-2009-3713 | 1 Morcego | 1 Morcegocms | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string. | |||||
| CVE-2009-2601 | 2 Joomla, Joomlaequipment | 2 Joomla\!, Juser | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | |||||
| CVE-2009-3308 | 1 Fanupdate | 1 Fanupdate | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||||
| CVE-2009-2883 | 1 Arabless | 1 Saphplesson | 2017-09-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php. | |||||
| CVE-2009-2340 | 1 Opial | 1 Opial | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtUserName (aka User Name) parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | |||||
| CVE-2009-3325 | 2 Focusdev, Joomla | 2 Com Surveymanager, Joomla | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. | |||||