Total
18744 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2381 | 1 Gforge | 1 Gforge | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable. | |||||
| CVE-2008-6459 | 1 Typo3 | 2 Autobeuser, Typo3 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4158 | 2 Mario Matzulla, Typo3 | 2 Cal, Typo3 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Calendar Base (cal) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-6484 | 1 Phprpg | 1 Phprpg | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0510 | 2 Joomla, Mambo | 3 Com Newsletter, Com Newsletter, Mambo | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2009-4256 | 1 Truesolution | 1 Alefmentor | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) cont_id and (2) courc_id parameters in a pregled action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5838 | 1 Ephpscripts | 1 E-shop Shopping Cart | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-2225 | 1 Gamecms | 1 Gamecms Lite | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter. | |||||
| CVE-2009-0730 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2026-04-23 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726. | |||||
| CVE-2009-1503 | 1 Tigerdms | 1 Tigerdms | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in Tiger Document Management System (DMS) allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-6209 | 1 Vastal | 1 Software Zone | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2009-2339 | 1 Rentventory | 1 Rentventory | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter. | |||||
| CVE-2008-0789 | 1 Li-scripts | 1 Li-countdown | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to execute arbitrary SQL commands via the years parameter. | |||||
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | |||||
| CVE-2008-6327 | 1 Manzovi | 1 Proquiz | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. | |||||
| CVE-2008-1909 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2009-2021 | 1 Virtuenetz | 1 Virtue Classifieds | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Virtue Classifieds allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2007-3063 | 1 Mealex | 1 My Databook | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter. | |||||
| CVE-2009-4221 | 1 Smartisoft | 1 Phpbazar | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767. | |||||