Total
16215 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1640 | 1 Jgs-xa | 1 Jgs Treffen | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action. | |||||
| CVE-2008-2628 | 2 Joomla, Ron Liskey | 2 Joomla, Com Equotes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2009-3325 | 2 Focusdev, Joomla | 2 Com Surveymanager, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. | |||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-5573 | 1 Adcomplete | 1 Poll Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. | |||||
| CVE-2008-4666 | 1 Deeserver | 1 Ultimate Webboard | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter. | |||||
| CVE-2009-3336 | 1 Phpprobid | 1 Php Pro Bid | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter. | |||||
| CVE-2008-6803 | 1 Yigit Aybuga | 1 Dizi Portali | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6664 | 1 Webportal | 1 Webportal Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter. | |||||
| CVE-2008-1750 | 1 Livecart | 1 Livecart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI. | |||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | |||||
| CVE-2009-3533 | 1 John Beranek | 1 Meeting Room Booking System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | |||||
| CVE-2006-7138 | 1 Oracle | 1 Apex | 2025-04-09 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven. | |||||
| CVE-2009-2790 | 1 Softbiz | 1 Dating Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4. | |||||
| CVE-2008-2903 | 1 Awbs | 1 Advanced Webhost Billing System | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter. | |||||
| CVE-2007-5836 | 1 Afcommerce | 1 Afcommerce | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6671 | 1 Instantsoftwares | 1 Dating Site | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1410 | 1 Opensolution | 1 Quick.cms.lite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-5975 | 1 Torrentstrike | 1 Torrentstrike | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information. | |||||