Total
11324 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-3185 | 1 Vclcomponents | 1 Relative Real Estate Systems | 2023-12-10 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | |||||
CVE-2008-6866 | 1 Php-nuke | 1 Current Issue Module | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. | |||||
CVE-2008-2012 | 1 Postnuke Software Foundation | 1 Postschedule | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | |||||
CVE-2008-2763 | 1 Xigla | 1 Absolute Live Support Xe | 2023-12-10 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
CVE-2009-2242 | 1 Aaronoutpost | 1 Asp Inline Corporate Calendar | 2023-12-10 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the order parameter. | |||||
CVE-2008-6255 | 1 Vbulletin | 1 Vbulletin | 2023-12-10 | 6.5 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. | |||||
CVE-2008-6509 | 1 Igniterealtime | 1 Openfire | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. | |||||
CVE-2009-2789 | 2 Joomla, Permis | 2 Joomla, Com Groups | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-2383 | 2 Blogtrafficexchange, Wordpress | 2 Related-sites, Wordpress | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter. | |||||
CVE-2009-3150 | 1 Multi-website | 1 Multi Website | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Multi Website 1.5 allows remote attackers to execute arbitrary SQL commands via the Browse parameter in a vote action. | |||||
CVE-2009-0863 | 1 Matteoiammarrone | 1 S-cms | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-1535 | 1 Matti Kiviharju | 1 Rekry Component | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. | |||||
CVE-2008-6989 | 1 Ezphotogallery | 1 Ezphotogallery | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
CVE-2008-5311 | 1 Netart Media | 1 Blog System | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2009-1032 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter. | |||||
CVE-2008-5490 | 1 Phpstore | 1 Yahoo Answers | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-2537 | 1 Hispah | 1 Model Search | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-2008-6694 | 2 Fr.simon Rundell, Typo3 | 2 Ste Prayer, Typo3 | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2009-2639 | 1 Mrcgiguy | 1 The Ticket System | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action. |