Total
16213 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3370 | 1 Emc | 1 Centera Universal Access | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. | |||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | |||||
| CVE-2008-3347 | 1 Myiosoft | 1 Easydynamicpages | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter. | |||||
| CVE-2008-3403 | 1 Mojoscripts | 1 Mojopersonals | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-1850 | 1 Benjamin Curtis | 1 Phpbugtracker | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2009-2782 | 2 Jfusion, Joomla | 2 Com Jfusion, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2008-3416 | 1 Icebb | 1 Icebb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | |||||
| CVE-2008-3039 | 1 Typo3 | 1 Dam Frontend Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4650 | 1 Mywebland | 1 Myevent | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter. | |||||
| CVE-2009-0883 | 1 Amunak | 1 Blue Eye Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter. | |||||
| CVE-2008-6573 | 1 Avaya | 1 Communication Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request to the SIP server. | |||||
| CVE-2009-1909 | 1 Openskip | 1 Skip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6788 | 1 Minddezign | 1 Photo Gallery | 2025-04-09 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in an info action to index.php. | |||||
| CVE-2009-1282 | 1 Glfusion | 1 Glfusion | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | |||||
| CVE-2009-2885 | 1 Phpscriptsnow | 1 World\'s Tallest Buildings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter. | |||||
| CVE-2008-2461 | 1 Netious | 1 Netious Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047. | |||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | |||||
| CVE-2007-0196 | 1 Motionborg | 1 Motionborg Web Real Estate | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtained from third party information. | |||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-4044 | 1 Aj Square | 1 Aj Hyip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter. | |||||