Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5921 | 1 Umerinc | 1 Songs Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5926 | 1 Asp-dev | 1 Internal E-mail System | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) password parameter (aka pass field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5927 | 1 China-on-site | 1 Flexphpnews | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5928 | 1 Flds-script | 1 Flds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5930 | 1 The Net Guys | 1 Aspired2blog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. | |||||
| CVE-2008-5934 | 1 Cmsisweb | 1 Cms Isweb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter. | |||||
| CVE-2008-5950 | 1 Aspapps | 1 Template Creature | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter. | |||||
| CVE-2008-5952 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2017-09-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI. | |||||
| CVE-2008-5955 | 1 Phpstreet | 1 Webboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5958 | 1 Activewebsoftwares | 1 Active Test | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp. | |||||
| CVE-2008-5959 | 1 Active Web Softwares | 1 Active Test | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5969 | 1 Sunbyte | 1 E-flower | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5972 | 1 Activewebsoftwares | 1 Active Business Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-5973 | 1 Activewebsoftwares | 1 Active Web Mail | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-5974 | 1 Activewebsoftwares | 1 Active Price Comparison | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields. | |||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | |||||
| CVE-2008-5988 | 1 Jadu | 1 Jadu Cms For Government | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5992 | 1 Jetik | 1 Jetik Emlak Sistem A | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 allow remote attackers to execute arbitrary SQL commands via the KayitNo parameter to (1) diger.php and (2) sayfalar.php. | |||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | |||||
| CVE-2008-6017 | 1 I-rater | 1 I-rater Basic | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter. | |||||
| CVE-2008-6007 | 1 Quidascript | 1 Bookmarks Favourites Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6011 | 1 Sg Real Estate Portal | 1 Sg Real Estate Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2008-6014 | 1 Rianxosencabos Cms | 1 Rianxosencabos Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6028 | 1 University Of Queensland | 1 Fez | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action. | |||||
| CVE-2008-6029 | 1 Buzzywall | 1 Buzzywall | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-6030 | 1 Netartmedia | 1 Jobs Portal | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. | |||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | |||||
| CVE-2008-6032 | 1 Wsn | 1 Links | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6033 | 1 Wsn Links | 1 Wsn Links | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6037 | 1 Availscript | 1 Availscript Article Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. | |||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | |||||
| CVE-2008-6050 | 2 Ircmaxell, Joomla | 2 Tech Article, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | |||||
| CVE-2008-6068 | 2 Joomla, Web Design Hero | 2 Joomla, Joomladate | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php. | |||||
| CVE-2008-6076 | 2 Jlleblanc, Joomla | 2 Com Dailymessage, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-6077 | 1 Loudblog | 1 Loudblog | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action. | |||||
| CVE-2008-6078 | 1 Limbo Cms | 2 Com Privmsg, Limbo Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php. | |||||
| CVE-2008-6081 | 1 Simplecustomer | 1 Simple Customer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6086 | 1 Camera Life | 1 Camera Life | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | |||||
| CVE-2008-6088 | 2 Joomla, Joomtracker | 2 Joomla, Com Joomtracker | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | |||||
| CVE-2008-6091 | 1 Bmforum | 1 Bmforum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter. | |||||
| CVE-2008-6093 | 1 Noname-cms | 1 Noname Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action. | |||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||||
| CVE-2008-6100 | 1 Berlios | 1 Discussion Forum 2k | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1.php and (b) RSS2.php in misc/; and the (2) SubID parameter to (c) misc/RSS5.php. | |||||
| CVE-2008-6101 | 1 Ezonescripts | 1 Adult Banner Exchange Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter. | |||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | |||||
| CVE-2008-6114 | 2 E107, Mytipper | 2 E107, Zogo Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 allows remote attackers to execute arbitrary SQL commands via the product parameter. | |||||
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | |||||
| CVE-2008-6116 | 2 Extrosoft, Joomla | 2 Com Thyme, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. | |||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | |||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | |||||