Total
18800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4660 | 1 Typo3 | 2 M1 Intern, Typo3 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2883 | 1 Arabless | 1 Saphplesson | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php. | |||||
| CVE-2009-0447 | 1 Aspindir | 1 Mydesign Sayac | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1336 | 1 Koobi | 1 Koobi Cms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122. | |||||
| CVE-2007-2000 | 1 Raphael Limbach | 1 Crea-book | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter. | |||||
| CVE-2008-0683 | 1 Wordpress | 1 St Newsletter Plugin | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | |||||
| CVE-2008-2972 | 1 Kblance | 1 Kblance | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action. | |||||
| CVE-2008-3250 | 1 Arctictracker | 1 Arctic Issue Tracker | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter. | |||||
| CVE-2008-1871 | 1 Scriptsagent | 1 Links Directory | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-0911 | 1 Iscripts | 1 Multicart | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter. | |||||
| CVE-2007-5372 | 2 Dws Systems Inc., Ledgersmb | 2 Sql-ledger, Ledgersmb | 2026-04-23 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field. | |||||
| CVE-2007-5719 | 1 Minibb | 1 Minibb | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php. | |||||
| CVE-2008-4169 | 1 Iscripts | 1 Easyindex | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter. | |||||
| CVE-2007-5999 | 1 Softbizscripts | 1 Softbiz Auctions Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6127 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. | |||||
| CVE-2007-4863 | 1 Quirm | 1 Saxon | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | |||||
| CVE-2008-6779 | 1 Phpnuke | 2 Php-nuke, Sarkilar Module | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php. | |||||
| CVE-2008-6392 | 1 1scripts | 1 Z1exchange | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6467 | 1 Dieselscripts | 1 Diesel Job Site | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attackers to execute arbitrary SQL commands via the job_id parameter. | |||||
| CVE-2007-5150 | 1 Nukescripts | 1 Nukesentinel | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. | |||||