Total
16225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6777 | 1 Myphp | 1 Myphp Forum | 2025-04-09 | 5.1 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667. | |||||
| CVE-2009-1409 | 1 E107 | 1 E107 | 2025-04-09 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320. | |||||
| CVE-2008-6451 | 1 Jportal | 1 Jportal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509. | |||||
| CVE-2008-2530 | 1 Quickupcms | 1 Quickupcms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter to (a) frontend/news.php, the (2) id parameter to (b) events3.php and (c) videos2.php in frontend/, the (3) y parameter to (d) frontend/events2.php, and the (4) ser parameter to (e) frontend/fotos2.php. | |||||
| CVE-2008-4497 | 1 Built2go | 1 Real Estate Listings | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | |||||
| CVE-2008-5097 | 1 Myfwb | 1 Myfwb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2009-3595 | 1 Vspanel | 1 Vs Panel | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590. | |||||
| CVE-2008-5648 | 1 Deltascripts | 1 Php Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5220 | 1 Asp Product Catalog | 1 Asp Product Catalog | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter and possibly other parameters. | |||||
| CVE-2008-0738 | 1 Shoppingtree | 1 Candypress Store | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6462 | 1 Php Real Estate Classifieds | 1 Php Real Estate Classifieds Premium Plus | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2995 | 1 Phpeasydata | 1 Phpeasydata | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php. | |||||
| CVE-2007-5916 | 1 Phphelpdesk | 1 Phphelpdesk | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login page in phphelpdesk 0.6.16 allows remote attackers to execute arbitrary SQL commands via unspecified parameters related to the "login procedures." | |||||
| CVE-2009-3205 | 1 Cbauthority | 1 Cbauthority | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | |||||
| CVE-2008-3092 | 1 Drupal | 1 Taxonomy Autotagger Module | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-0750 | 1 Husrev | 1 Blackboard | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2008-6227 | 1 Preproject | 1 Pre Multi-vendor Shopping Malls | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters. | |||||
| CVE-2009-3971 | 2 Joomla, Jtips | 2 Joomla\!, Com Jtips | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. | |||||
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | |||||
| CVE-2008-6020 | 1 Drupal | 2 Drupal, Views | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields." | |||||