Total
16216 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2598 | 1 Onlinegrades | 1 Online Grades | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php. | |||||
| CVE-2009-2341 | 1 Shalwan | 1 Opial | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albumdetail.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2009-3246 | 1 Mybuxscript | 1 Pts-bux | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0705 | 1 Powerscripts | 1 Powernews | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||
| CVE-2008-4902 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2008-4143 | 1 Razorecommerce | 1 Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category_search.php in RazorCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1843 | 1 W2b | 1 Dating Club | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action. | |||||
| CVE-2009-1910 | 1 Rafal Kucharski | 1 Rtwebalbum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter. | |||||
| CVE-2009-2892 | 1 Scripteen | 1 Free Image Hosting Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in header.php in Scripteen Free Image Hosting Script 2.3 allow remote attackers to execute arbitrary SQL commands via a (1) cookid or (2) cookgid cookie. | |||||
| CVE-2008-6352 | 1 Xpoze | 1 Xpoze Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter. | |||||
| CVE-2009-3497 | 1 Vastal | 1 Agent Zone | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-1480 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors. | |||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | |||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2009-2234 | 1 Vicidial | 1 Call Center Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call Center Suite 2.0.5-173 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter ($PHP_AUTH_USER) and (2) Password parameter ($PHP_AUTH_PW). | |||||
| CVE-2008-6656 | 1 Openautoclassifieds | 1 Open Auto Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php. | |||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | |||||
| CVE-2008-2781 | 1 Dzoic | 1 Handshakes | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute arbitrary SQL commands via the fname parameter in a members search action. | |||||
| CVE-2008-6150 | 1 Sepcity | 1 Classified Ads | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2007-4804 | 1 Auracms | 1 Auracms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may be accessed through requests to the product's top-level default URI, using the pilih parameter, in some circumstances. | |||||