Total
19536 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0446 | 1 Web-album | 1 Webalbum | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0445 | 1 Dreampics | 1 Gallery Builder | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Dreampics Gallery Builder allows remote attackers to execute arbitrary SQL commands via the exhibition_id parameter in a gallery.viewPhotos action. | |||||
| CVE-2009-0431 | 1 Codefixer | 1 Linkspro | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter. | |||||
| CVE-2009-0429 | 1 Activewebsoftwares | 1 Active Bids | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php. | |||||
| CVE-2009-0428 | 1 Dmxready | 1 Secure Document Library | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0427 | 1 Dmxready | 1 Member Directory Manager | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0426 | 1 Dmxready | 1 Classified Listings Manager | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0425 | 1 Blue Eye Cms | 1 Blue Eye Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter. | |||||
| CVE-2009-0421 | 1 Joomla | 2 Com Eventing, Joomla | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2009-0420 | 2 Joomla, Rd-media | 2 Joomla, Rd-autos | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2009-0409 | 1 Mzbservices | 1 Max.blog | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-0407 | 1 Humayun Shabbir | 1 Php-cms Project | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-0406 | 1 Community Cms | 1 Community Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0405 | 1 Smartsitecms | 1 Smartsitecms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter. | |||||
| CVE-2009-0403 | 1 Chipmunk Scripts | 1 Chipmunk Blogger | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-0402 | 1 Gplhost | 1 Domain Technologie Control | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters. | |||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0400 | 1 Socialengine | 1 Socialengine | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2009-0395 | 1 Netartmedia | 1 Car Portal | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-0394 | 1 Ple Cms | 1 Ple Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter. | |||||
