Total
16228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2545 | 1 Anelectron | 1 Advanced Electron Forum | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-1662 | 1 Recipescript | 1 Recipe Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php. | |||||
| CVE-2008-1295 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||
| CVE-2008-5267 | 1 Experts | 1 Experts | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter. | |||||
| CVE-2008-0430 | 1 360 Web Manager | 1 360 Web Manager | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the IDFM parameter. | |||||
| CVE-2008-5707 | 1 Aspindir | 1 Iltaweb Alisveris Sistemi | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. | |||||
| CVE-2008-1354 | 1 Advanced Data Solutions | 1 Virtual Support Office Xp | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter. | |||||
| CVE-2008-6911 | 1 Brewblogger | 1 Brewblogger | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2389 | 1 Usolved | 1 Newsolved | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2) idneu parameter in an archive action, or (3) the newsid parameter. | |||||
| CVE-2008-4715 | 1 Jpad Project | 1 Jpad | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | |||||
| CVE-2008-6438 | 2 E107, E107coders | 2 E107, Macguru Blog Engine Plugin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected. | |||||
| CVE-2009-3315 | 1 Nelogic | 1 Nephp Publisher | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field. | |||||
| CVE-2009-3632 | 1 Typo3 | 1 Typo3 | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters. | |||||
| CVE-2008-0762 | 1 Joomla | 1 Com Iomezun | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the com_iomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2008-3118 | 1 Phpmotion | 1 Phpmotion | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter. | |||||
| CVE-2008-1890 | 2 Azrul, Joomla | 2 Jom Comment, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6019 | 1 Do-cms | 1 Do-cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-3309 | 1 Cfshopkart | 1 Cf Shopkart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320. | |||||
| CVE-2008-2983 | 1 Cwh Underground | 1 Demo4 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||