Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3497 | 1 Myphp Cms | 1 Myphp Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-3498 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3506 | 1 Polypager | 1 Polypager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI. | |||||
| CVE-2008-3507 | 1 Wogan May | 1 Litenews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | |||||
| CVE-2008-2177 | 1 Php Directory Source | 1 Phpdirectorysource | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php. | |||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3554 | 1 Comsenz | 1 Discuz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action. | |||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | |||||
| CVE-2008-3580 | 1 Qsoft | 1 K-links | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/. | |||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-3585 | 1 Pozscripts | 1 Greencart Php Shopping Cart | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) product_desc.php and (2) store_info.php. | |||||
| CVE-2008-3586 | 1 Joomla | 1 Com Ezstore | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-3588 | 1 Phsblog | 1 Phsblog | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php. | |||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | |||||
| CVE-2008-3591 | 1 21degrees | 1 Symphony | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary SQL commands via the sym_auth cookie in a /publish/filemanager/ request to index.php. | |||||
| CVE-2008-3594 | 1 Magicscripts | 2 E-store Kit-1, E-store Kit-2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-3598 | 1 Psi-labs | 1 Psipuss | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php. | |||||
| CVE-2008-3599 | 1 Openimpro | 1 Openimpro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3601 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 allows remote attackers to execute arbitrary SQL commands via the forums array parameter in a search action. | |||||
| CVE-2008-3603 | 1 Vacation Rentals | 1 Vacation Rental Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sections action. | |||||
| CVE-2008-3649 | 1 Articlefriendly | 1 Article Friendly | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter. | |||||
| CVE-2008-3669 | 1 Zeescripts | 1 Zeereviews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2008-3670 | 1 Articlefriendly | 1 Article Friendly | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter. | |||||
| CVE-2008-2124 | 1 Fipsasp | 1 Fipscms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter. | |||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-3673 | 1 Pozscripts | 1 Classified Ads | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672. | |||||
| CVE-2008-3674 | 1 Pozscripts | 1 Tubeguru Video Sharing Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2008-2113 | 1 Phpeasydata | 1 Phpeasydata | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-3706 | 1 Zeeways | 1 Zeejobsite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-3711 | 1 Phparcadescript | 1 Phparcadescript | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action. | |||||
| CVE-2008-3713 | 1 Phpbasket | 1 Phpbasket | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter. | |||||
| CVE-2008-3718 | 1 Cyberbb | 1 Cyberbb | 2017-09-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter to show_topic.php and the (2) user parameter to profile.php. | |||||
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | |||||
| CVE-2008-3720 | 1 Deeemm | 1 Dmcms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679. | |||||
| CVE-2008-2095 | 3 Joomla, Mambo, Page-flip-tools | 3 Com Flippingbook, Com Flippingbook, Flipping Book | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | |||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | |||||
| CVE-2008-3725 | 1 Yourfreeworld | 1 Ad Board Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3748 | 1 Lbstone | 2 Active Php Bookmarks, Apb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3749 | 1 Yourfreeworld | 1 Banner Management Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3750 | 1 Yourfreeworld | 1 Url Rotator Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3751 | 1 Yourfreeworld | 1 Short Url And Url Tracker Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2088 | 1 Phpforge | 1 Php Forge | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in the news module to admin.php. | |||||
| CVE-2008-2084 | 2 Myarticles, Runcms | 2 Myarticles, Myarticles Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action. | |||||
| CVE-2008-2679 | 1 Realm Project | 1 Realm Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the kwrd parameter in a kwl action to the default URI. | |||||
| CVE-2008-3755 | 1 Yourfreeworld | 1 Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-3756 | 1 Yourfreeworld | 1 Viral Marketing Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3757 | 1 Yourfreeworld | 1 Forced Matrix Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2688 | 1 Pilotcart | 1 Pilot Cart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action. | |||||