Total
18768 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2918 | 1 Application Dynamics | 1 Cartweaver | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3. | |||||
| CVE-2007-6138 | 1 Vu | 1 Mass Mailer | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp (aka the Login Page). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-2534 | 1 Phphoo3 | 1 Phphoo3 | 2026-04-23 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use | |||||
| CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2008-1732 | 1 Predictionfootball | 1 Predictionfootball | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action. | |||||
| CVE-2008-3682 | 1 Ypninc | 1 Php Realty | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter. | |||||
| CVE-2009-4428 | 2 Joomla, Joomplace | 2 Joomla, Com Joomportfolio | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php. | |||||
| CVE-2006-5221 | 1 Cahier De Textes | 1 Cahier De Textes | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php. | |||||
| CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1863 | 1 Prozilla | 1 Cheats | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4881 | 1 Psi-labs | 1 Social Networking Script Psisns | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
| CVE-2009-2881 | 1 Artis.imag | 1 Basilic | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/. | |||||
| CVE-2009-2308 | 2 Punbb, Punres | 2 Punbb, Affiliates Mod | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and earlier for PunBB allow remote attackers to execute arbitrary SQL commands via the (1) in or (2) out parameter. | |||||
| CVE-2008-3132 | 1 Joomla | 1 Com Beamospetition | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php. | |||||
| CVE-2008-3341 | 1 Jobbex | 1 Jobsite | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-2997 | 1 Salescart | 1 Shopping Cart | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in SalesCart Shopping Cart allow remote attackers to execute arbitrary SQL commands via the password field and other unspecified vectors. NOTE: the vendor disputes this issue, stating "We were able to reproduce this sql injection on an old out-of-date demo on the website but not on the released product. | |||||
| CVE-2008-0255 | 1 Igamingcms | 1 Igaming Cms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2009-1263 | 2 Alikonweb, Joomla | 2 Com Bookjoomlas, Joomla | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | |||||
| CVE-2008-6881 | 2 Joomla, Joompolitan | 2 Joomla\!, Com Livechat | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php. | |||||
| CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||