Total
16228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2446 | 1 Wgcc | 1 Web Group Communication Center | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php. | |||||
| CVE-2008-1864 | 1 Prozilla | 1 Prozilla Freelancers | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | |||||
| CVE-2008-2921 | 1 Eztechhelp Company | 1 Ezcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-5163 | 1 Theratstudios | 1 The Rat Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php. | |||||
| CVE-2008-6372 | 1 Ocean12tech | 1 Faq Manager Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
| CVE-2008-6853 | 1 Netcat | 1 Netcat | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter. | |||||
| CVE-2008-6166 | 2 Jmds, Joomla | 2 Com Kbase, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | |||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | |||||
| CVE-2008-0853 | 2 Joomla, Mambo | 2 Com Detail, Com Detail | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE. | |||||
| CVE-2009-2888 | 1 Phpscriptsnow | 1 Hangman | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter. | |||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-5122 | 1 Ektron | 1 Cms4000.net | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. | |||||
| CVE-2007-6458 | 1 My123tkshop | 1 E-commerce-suite | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php. | |||||
| CVE-2008-5559 | 1 Dazzlindonna | 1 Postecards | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0287 | 1 Keep Toolkit | 1 Keep Toolkit | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | |||||
| CVE-2008-4753 | 1 Aj Square Inc | 1 Rss Reader | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||
| CVE-2008-4675 | 1 Phpcounter | 1 Phpcounter | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-6778 | 1 Scripts-for-sites | 1 Ez Auction | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-2605 | 1 Traidnt | 1 Traidnt Up | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php. | |||||