Total
19413 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2909 | 1 Clever Copy | 1 Clever Copy | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter. | |||||
| CVE-2008-2907 | 1 Webchamado | 1 Webchamado | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter. | |||||
| CVE-2008-2906 | 1 Webchamado | 1 Webchamado | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter. | |||||
| CVE-2008-2904 | 1 Phpmycart | 1 Phpmycart | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2903 | 1 Awbs | 1 Advanced Webhost Billing System | 2026-06-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter. | |||||
| CVE-2008-2902 | 1 Alstrasoft | 1 Askme Pro | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085. | |||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2026-06-16 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | |||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2897 | 1 Pagesquid | 1 Pagesquid Cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-2893 | 1 Ajhyip | 1 Aj Square Aj-hyip | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532. | |||||
| CVE-2008-2892 | 2 Feellove, Joomla | 2 Exp Shop Component, Com Expshop | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php. | |||||
| CVE-2008-2891 | 1 Emusoft | 1 Emucms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action. | |||||
| CVE-2008-2890 | 1 Offl | 1 Online Fantasy Football League | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php. | |||||
| CVE-2008-2875 | 1 Webdevindo-cms | 1 Webdevindo-cms | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. | |||||
| CVE-2008-2874 | 1 Softbizscripts | 1 Softbiz Jokes And Funny Pics Script | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050. | |||||
| CVE-2008-2872 | 1 Aspindir | 1 Shibby Shop | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | |||||
| CVE-2008-2870 | 1 Sharecms | 1 Sharecms | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php. | |||||
| CVE-2008-2869 | 1 E-topbiz | 1 Link Ads 1 | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | |||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | |||||