Total
18729 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6372 | 1 Ocean12tech | 1 Faq Manager Pro | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
| CVE-2008-6853 | 1 Netcat | 1 Netcat | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter. | |||||
| CVE-2008-6166 | 2 Jmds, Joomla | 2 Com Kbase, Joomla | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | |||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | |||||
| CVE-2008-0853 | 2 Joomla, Mambo | 2 Com Detail, Com Detail | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. | |||||
| CVE-2009-2888 | 1 Phpscriptsnow | 1 Hangman | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter. | |||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-5122 | 1 Ektron | 1 Cms4000.net | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. | |||||
| CVE-2007-6458 | 1 My123tkshop | 1 E-commerce-suite | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php. | |||||
| CVE-2008-5559 | 1 Dazzlindonna | 1 Postecards | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0287 | 1 Keep Toolkit | 1 Keep Toolkit | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | |||||
| CVE-2008-4753 | 1 Aj Square Inc | 1 Rss Reader | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||
| CVE-2008-4675 | 1 Phpcounter | 1 Phpcounter | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-6778 | 1 Scripts-for-sites | 1 Ez Auction | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-2605 | 1 Traidnt | 1 Traidnt Up | 2026-04-23 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php. | |||||
| CVE-2009-0327 | 1 Seraphimtech | 1 Free Bible Search Php Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter. | |||||
| CVE-2008-6037 | 1 Availscript | 1 Availscript Article Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. | |||||
| CVE-2008-3035 | 1 Xchangeboard | 1 Xchangeboard | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter. | |||||
| CVE-2008-2774 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the category_id parameter, a different vector than CVE-2007-4736. | |||||