Total
19418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-3124 | 1 Mole Group | 1 Hotel Script | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter. | |||||
| CVE-2008-3123 | 1 Mole Group | 1 Real Estate Script | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | |||||
| CVE-2008-3122 | 1 Xerox | 1 Centreware Web | 2026-06-16 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors. | |||||
| CVE-2008-3119 | 1 Dreamlevels | 1 Dream Pics Builder | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-3118 | 1 Phpmotion | 1 Phpmotion | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter. | |||||
| CVE-2008-3092 | 1 Drupal | 1 Taxonomy Autotagger Module | 2026-06-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3090 | 1 Blognplus | 1 Blognplus | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819. | |||||
| CVE-2008-3089 | 1 Xpoze | 1 Xpoze Pro | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2008-3083 | 2 Brightcode, Joomla | 2 Brightcode Weblinks Module, Com Brightweblinks | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-3070 | 1 Mybb | 1 Mybb | 2026-06-16 | 7.5 HIGH | N/A |
| Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection. | |||||
| CVE-2008-3063 | 1 V-webmail | 1 V-webmail | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-3058 | 1 Octeth | 1 Oempro | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Octeth Oempro 3.5.5.1, and possibly other versions before 4, allow remote attackers to execute arbitrary SQL commands via the FormValue_Email parameter (aka Email field) to index.php in (1) member/, (2) client/, or (3) admin/; or (4) the FormValue_SearchKeywords parameter to client/campaign_track.php. | |||||
| CVE-2008-3056 | 1 Typo3 | 1 Codeon Petition Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3055 | 1 Typo3 | 1 Support View Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3054 | 1 Typo3 | 1 Branchenbuch Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3053 | 1 Typo3 | 1 Sql Frontend Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3044 | 1 Typo3 | 1 News Calendar Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3039 | 1 Typo3 | 1 Dam Frontend Extension | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||