Total
11324 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
CVE-2008-7033 | 2 Galore, Joomla | 2 Com Simpleshop, Joomla\! | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | |||||
CVE-2009-3661 | 2 Blueconstantmedia, Joomla | 2 Com Djcatalog, Joomla | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | |||||
CVE-2008-2337 | 1 Imgallery | 1 Imgallery | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163. | |||||
CVE-2009-3778 | 2 Adam Gerson, Drupal | 2 Moodle Courselist, Drupal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-3580 | 1 Qsoft | 1 K-links | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/. | |||||
CVE-2008-5595 | 1 Aspapps | 1 Asp Autodealer | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
CVE-2008-4142 | 1 Ephpscripts | 1 E-php Cms | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in article.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the es_id parameter. | |||||
CVE-2008-5924 | 1 Asp-dev | 1 Xm Events Diary | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-1732 | 1 Predictionfootball | 1 Predictionfootball | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action. | |||||
CVE-2008-6379 | 1 Mxmania | 1 Gallery Mx | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
CVE-2008-6011 | 1 Sg Real Estate Portal | 1 Sg Real Estate Portal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
CVE-2009-3500 | 1 Bpowerhouse | 1 Bpgames | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. | |||||
CVE-2009-1613 | 1 Gowondesigns | 1 Leap | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter. | |||||
CVE-2008-2918 | 1 Application Dynamics | 1 Cartweaver | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3. | |||||
CVE-2008-3943 | 1 Ezonescripts | 1 Living Local | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
CVE-2008-4706 | 1 Vbulletin | 1 Vbgooglemap | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a vBulletin module, allows remote attackers to execute arbitrary SQL commands via the mapid parameter in a showdetails action to (1) vbgooglemaphse.php and (2) mapa.php. | |||||
CVE-2008-7114 | 1 Ifusionservices | 1 Ifdate | 2023-12-10 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field. | |||||
CVE-2009-1746 | 1 Diangemilang | 1 Dgnews | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. |