Total
18729 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5951 | 1 E-vendejo | 1 0.2 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4460 | 1 Vastal I-tech | 1 Mmorpg Zone | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter. | |||||
| CVE-2008-6244 | 1 Scripts-for-sites | 1 Ez Gaming Cheats | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0270 | 1 Taskfreak | 1 Taskfreak | 2026-04-23 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. | |||||
| CVE-2009-2152 | 1 Isabela Gasparini | 1 Adaptweb | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action. | |||||
| CVE-2008-3489 | 1 Phpx | 1 Phpx | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie. | |||||
| CVE-2008-3258 | 1 Zoph | 1 Zoph | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2989 | 1 Homap | 1 Homap | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter. | |||||
| CVE-2008-5571 | 1 Dotnetindex | 1 Professional Download Assistant | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1500 | 1 Projectcms | 1 Projectcms | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter. | |||||
| CVE-2009-0458 | 1 Wholehogsoftware | 1 Ware Support | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2361 | 1 Osticket | 1 Osticket | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter. | |||||
| CVE-2008-3133 | 1 Barenuked | 1 Barenuked Cms | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-5940 | 1 Modxcms | 1 Modxcms | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2142 | 1 Zipstore | 1 Zip Store Chat | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store Chat 4.0 and 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) login and (2) senha parameters. | |||||
| CVE-2008-3948 | 1 Xrms | 1 Xrms Crm | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arbitrary SQL commands and modify name and email fields via unspecified vectors. | |||||
| CVE-2009-2545 | 1 Anelectron | 1 Advanced Electron Forum | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-1662 | 1 Recipescript | 1 Recipe Script | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php. | |||||
| CVE-2008-1295 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||