Total
11296 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-6917 | 1 Exoscripts | 1 Exophpdesk | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | |||||
CVE-2008-4713 | 1 212cafe | 1 212cafeboard | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter. | |||||
CVE-2008-2633 | 1 Joomla | 2 Com Joomradio, Joomla | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. | |||||
CVE-2009-3913 | 1 Xerox | 1 Fiery Webtools | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter. | |||||
CVE-2008-6319 | 1 Cfmsource | 1 Cf Calendar | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | |||||
CVE-2009-1819 | 1 2daybiz | 1 Custom T-shirt Design Script | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2009-0296 | 1 Gempar | 1 Script Toko Online | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
CVE-2009-0377 | 1 Joomla | 2 Com Beamospetition, Joomla | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | |||||
CVE-2009-2034 | 1 Ricardo Alexandre De Oliveira Staudt | 1 Yogurt | 2023-12-10 | 6.0 MEDIUM | N/A |
SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, allows remote authenticated users to execute arbitrary SQL commands via the original parameter. | |||||
CVE-2008-5653 | 1 Myiosoft.com | 1 Ajaxportal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-2443 | 1 Therealestatescript | 1 The Real Estate Script | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter. | |||||
CVE-2008-2556 | 1 Hessel Brouwer | 1 Php Visit Counter | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action. | |||||
CVE-2008-4643 | 1 Mywebland | 1 Mystats | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | |||||
CVE-2009-3116 | 1 Uiga | 1 Church Portal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action. | |||||
CVE-2009-3119 | 2 Php-fusion, X-iweb.ru | 2 Php-fusion, Download System Msf | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | |||||
CVE-2009-4339 | 2 Stephan Vits, Typo3 | 2 Mf Subscription, Typo3 | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-2008-4423 | 1 Ovidentia | 1 Ovidentia | 2023-12-10 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the item parameter in a contact modify action. | |||||
CVE-2008-2893 | 1 Ajhyip | 1 Aj Square Aj-hyip | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532. | |||||
CVE-2008-5882 | 2 Avaya, Citrix | 4 Ag250, Broadcast Server, Application Gateway For Avaya and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before 2.0 and possibly other products, allows remote attackers to execute arbitrary SQL commands via the txtUID parameter. | |||||
CVE-2008-4159 | 1 Zanfi Solutions | 2 Jaw Portal, Zanfi Cms Lite | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. |