Total
11322 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-6214 | 1 Harlandscripts | 1 Pro Traffic One | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2009-2886 | 1 Phpscriptsnow | 1 President Bios | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter. | |||||
CVE-2008-6050 | 2 Ircmaxell, Joomla | 2 Tech Article, Joomla | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | |||||
CVE-2008-4674 | 1 Conkurent | 1 Real Estate | 2023-12-10 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode. | |||||
CVE-2008-5268 | 1 Aspportal | 1 Aspportal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter. | |||||
CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
CVE-2008-1907 | 1 Cpcommerce | 1 Cpcommerce | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and CVE-2007-2890. | |||||
CVE-2008-6350 | 1 Turnkeyforms | 1 Local Classifieds | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
CVE-2008-1314 | 2 Johannes Hass, Phpnuke | 2 Gaestebuch Module, Php-nuke | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php. | |||||
CVE-2009-2423 | 1 Ebayclonescript | 1 Ebay Clone | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action. | |||||
CVE-2008-5655 | 1 Myiosoft | 1 Easybookmarker | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-3972 | 2 Joomla, Qproje | 2 Joomla\!, Com Siirler | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | |||||
CVE-2008-4178 | 1 Downline Goldmine | 2 Builder, New Addon | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-2929 | 1 Tgs-cms | 1 Tgs Content Management | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10) default_language, and (11) db_host parameters to cms/index.php; and the (12) cmd, (13) s_dir, (14) minutes, (15) s_mask, (16) test3_mp, (17) test15_file1, (18) submit, (19) brute_method, (20) ftp_server_port, (21) userfile14, (22) subj, (23) mysql_l, (24) action, and (25) userfile1 parameters to cms/frontpage_ception.php. NOTE: some of these parameters may be applicable only in nonstandard versions of the product, and cms/frontpage_ception.php may be cms/frontpage_caption.php in all released versions. | |||||
CVE-2009-2402 | 1 Phpecho Cms | 1 Phpecho Cms | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355. | |||||
CVE-2008-1889 | 1 Xplodphp | 1 Autotutorials | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
CVE-2008-2189 | 1 Anserv | 1 Auction Xl | 2023-12-10 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
CVE-2008-7033 | 2 Galore, Joomla | 2 Com Simpleshop, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. |