Total
18765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6007 | 1 Quidascript | 1 Bookmarks Favourites Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4527 | 1 Php-fusion | 1 Recepies Module | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3030 | 1 Efes Tech Shop | 1 Efes Tech Shop | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action. | |||||
| CVE-2008-1921 | 1 5th Avenue Software | 1 5th Avenue Shopping Cart | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter. | |||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | |||||
| CVE-2008-2630 | 1 Joomla | 1 Com Jb2 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php. | |||||
| CVE-2009-2106 | 2 Projektseminar Proservice Wwu, Typo3 | 2 Virtual Civil Services, Typo3 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Virtual Civil Services (civserv) extension 4.3.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2765 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | |||||
| CVE-2009-0829 | 1 Andrew Freed | 1 Quotebook | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0827 | 1 Phpnuke | 1 Book | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5491 | 1 Slimcms | 1 Slimcms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter. | |||||
| CVE-2008-3952 | 1 Editeurscripts Esfaq | 1 2.0 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the idcat parameter. | |||||
| CVE-2007-6391 | 1 Sh-news | 1 Sh-news | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||||
| CVE-2007-4919 | 1 Jblog | 1 Jblog | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php. | |||||
| CVE-2008-1149 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | 5.1 MEDIUM | N/A |
| phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies. | |||||
| CVE-2008-0267 | 1 Eticket | 1 Eticket | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. | |||||
| CVE-2006-6402 | 1 Mystats | 1 Mystats | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter. | |||||
| CVE-2008-6985 | 1 Zen-cart | 1 Zen Cart | 2026-04-23 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart. | |||||
| CVE-2008-0785 | 1 Cacti | 1 Cacti | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login. | |||||