Total
19558 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3531 | 1 Universe | 1 Universe Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3529 | 1 Radscripts | 1 Radbids | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074. | |||||
| CVE-2009-3528 | 1 Al4us | 1 Mymsg | 2026-06-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action. | |||||
| CVE-2009-3514 | 1 Marcin Manek | 1 D.net Cms | 2026-06-16 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in a news action to dnet_admin/index.php. | |||||
| CVE-2009-3510 | 1 Dataspheric | 1 Linkspheric | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter. | |||||
| CVE-2009-3505 | 1 Vastal | 1 Mmorpg Zone | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already covered by CVE-2008-4460. | |||||
| CVE-2009-3504 | 1 Alibabaclone | 1 Alibaba Clone | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3503 | 1 Bpowerhouse | 1 Bpholidaylettings | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. | |||||
| CVE-2009-3502 | 1 Bpowerhouse | 1 Bpmusic | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. | |||||
| CVE-2009-3501 | 1 Bpowerhouse | 1 Bpstudents | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action. | |||||
| CVE-2009-3500 | 1 Bpowerhouse | 1 Bpgames | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. | |||||
| CVE-2009-3499 | 1 Bpowerhouse | 1 Bplawyercasedocuments | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-3498 | 1 Hbcms | 1 Hbcms | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in php/update_article_hits.php in HBcms 1.7 allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | |||||
| CVE-2009-3497 | 1 Vastal | 1 Agent Zone | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3495 | 1 Vastal | 1 Dvd Zone | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. | |||||
| CVE-2009-3494 | 1 Todor Lazarov | 1 T-htb Manager | 2026-06-16 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name parameter in an update_category action, and other vectors. | |||||
| CVE-2009-3491 | 2 Joomla, Kinfusion | 2 Joomla\!, Com Sportfusion | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php. | |||||
| CVE-2009-3480 | 2 Isygen, Joomla | 2 Icrm Basic, Joomla | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-3446 | 2 Joomla, Rick Estrada | 2 Joomla, Com Mytube | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php. | |||||
| CVE-2009-3443 | 2 Fastballproductions, Joomla | 2 Com Fastball, Joomla | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php. | |||||
