Total
18766 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4574 | 1 I-escorts | 1 I-escorts Directory Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | |||||
| CVE-2008-6379 | 1 Mxmania | 1 Gallery Mx | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-1344 | 1 Myiosoft | 1 Easycalendar | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in a dayview action to plugins/calendar/calendar_backend.php and the (2) page parameter to ajaxp_backend.php. | |||||
| CVE-2008-3346 | 1 E-topbiz | 1 Shopcart Dx | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | |||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-2902 | 1 Alstrasoft | 1 Askme Pro | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085. | |||||
| CVE-2008-6867 | 1 Scripts For Sites | 1 Ez Career | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter. | |||||
| CVE-2008-4073 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action. | |||||
| CVE-2008-6452 | 1 Oceandir | 1 Oceandir | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_vote.php in Oceandir 2.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2700 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6808 | 1 Scripts-for-sites | 1 Ez Link Directory | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-4574 | 1 Aspindir | 1 Ayco Okul Portali | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2009-4380 | 1 Valarsoft | 1 Webmatic | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925. | |||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2007-4581 | 1 Wbb2-addon | 1 Acrotxt | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 allows remote attackers to execute arbitrary SQL commands via the show parameter. | |||||
| CVE-2008-4356 | 1 Kasseler-cms | 1 Kasseler Cms | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module. | |||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | |||||
| CVE-2009-2639 | 1 Mrcgiguy | 1 The Ticket System | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action. | |||||