Total
18765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5882 | 2 Avaya, Citrix | 4 Ag250, Broadcast Server, Application Gateway For Avaya and 1 more | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before 2.0 and possibly other products, allows remote attackers to execute arbitrary SQL commands via the txtUID parameter. | |||||
| CVE-2008-5649 | 1 Alstrasoft | 1 Article Manager Pro | 2026-04-23 | 10.0 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-3669 | 2 Foobla, Joomla | 2 Com Foobla Suggestions, Joomla | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | |||||
| CVE-2008-5959 | 1 Active Web Softwares | 1 Active Test | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3722 | 1 Fipsasp | 1 Fipscms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6026 | 1 Bluecube | 1 Bluecube Cms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1349 | 1 Exv2 | 2 Bamagalerie, Exv2 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-3343 | 1 Hotwebscripts | 1 Hotweb Rentals | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.asp in HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropId parameter. | |||||
| CVE-2008-2189 | 1 Anserv | 1 Auction Xl | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-1258 | 2 Joomla, Rd-media | 2 Joomla, Com Rdautos | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2789 | 1 Basic-cms | 1 Basic-cms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2009-3175 | 1 Boldfx | 1 Model Agency Manager Pro | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allow remote attackers to execute arbitrary SQL commands via the user_id parameter to (1) view.php, (2) photos.php, and (3) motm.php; and the (4) id parameter to forum_message.php. | |||||
| CVE-2008-6286 | 1 Activewebsoftwares | 1 Active Newsletter | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote attackers to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber.asp or (b) start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3208 | 1 Prakashatma Mishra | 1 Phpfreebb | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php. | |||||
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2026-04-23 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | |||||
| CVE-2009-0516 | 1 Businessspace | 1 Businessspace | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the classified page (classified.php) in BusinessSpace 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2007-6602 | 1 Noserub | 1 Noserub | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script. | |||||
| CVE-2008-1874 | 1 Xpoze | 1 Xpoze Pro | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter. | |||||
| CVE-2008-0422 | 1 Boastmachine | 1 Boastmachine | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4369 | 1 Availscript | 1 Availscript Photo Album | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||