Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3765 | 1 Discountedscripts | 1 Quick Poll Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3767 | 1 Smartisoft | 1 Phpbazar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-2691 | 1 Jiro | 1 Faq Manager Experience | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter. | |||||
| CVE-2008-3772 | 1 Pars4u | 1 Videosharing | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-2692 | 1 Joomla | 1 Com Yvcomment | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php. | |||||
| CVE-2008-3780 | 1 Review-script | 1 Five Star Review Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-3783 | 1 Matterdaddy | 1 Matterdaddy Market | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters. | |||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | |||||
| CVE-2008-3785 | 1 Miacms | 1 Miacms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php. | |||||
| CVE-2008-3787 | 1 Nullscripts | 1 Web Directory Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-3788 | 1 Picturespro | 1 Picturespro Photo Cart | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php. | |||||
| CVE-2008-2700 | 1 Gwm | 1 Galatolo Webmanager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3848 | 1 Pdesigner | 1 Z-breaknews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3861 | 1 Phpmyrealty | 1 Phpmyrealty | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | |||||
| CVE-2008-2676 | 1 Joomla | 2 Com News Portal, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2008-2746 | 1 Gryphon | 1 Gllcts2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter. | |||||
| CVE-2008-2753 | 1 Paridel | 1 Pooya Site Builder | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) xslIdn parameter to (a) utils/getXsl.aspx, and the (2) part parameter to (b) getXml.aspx and (c) getXls.aspx in utils/. | |||||
| CVE-2008-2754 | 1 Efiction | 1 Efiction | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter. | |||||
| CVE-2008-2755 | 1 Jamm-media | 1 Jamm Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in JAMM CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2673 | 1 Powie | 1 Pnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the shownews parameter. | |||||
| CVE-2008-2647 | 1 Mebiblio | 1 Mebiblio | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter. | |||||
| CVE-2008-3943 | 1 Ezonescripts | 1 Living Local | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
| CVE-2008-3944 | 1 Discountedscripts | 1 Acg Ptp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows remote attackers to execute arbitrary SQL commands via the adid parameter in an adorder action. | |||||
| CVE-2008-3945 | 1 Source Workshop | 1 Words Tag Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Words tag 1.2 allows remote attackers to execute arbitrary SQL commands via the word parameter in a claim action. | |||||
| CVE-2008-2643 | 1 Joomla | 1 Com Biblestudy | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | |||||
| CVE-2008-3951 | 1 Vastal | 1 Agent Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the ann_id parameter. | |||||
| CVE-2008-3952 | 1 Editeurscripts Esfaq | 1 2.0 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the idcat parameter. | |||||
| CVE-2008-3953 | 1 Vastal | 1 Shaadi Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in keyword_search_action.php in Vastal I-Tech Shaadi Zone 1.0.9 allows remote attackers to execute arbitrary SQL commands via the tage parameter. | |||||
| CVE-2008-2634 | 1 Bearrivernet.net | 1 I-pos Internet Pay Online Store | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter. | |||||
| CVE-2008-3955 | 1 Masir Camp | 1 E-shop Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page. | |||||
| CVE-2008-4039 | 1 Spice Classifieds | 1 Spice Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Spice Classifieds allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. | |||||
| CVE-2008-4043 | 1 Aj Square | 1 Aj Hyip | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow remote attackers to execute arbitrary SQL commands via the artid parameter to (1) acme/article/comment.php and (2) prime/article/comment.php. | |||||
| CVE-2008-4044 | 1 Aj Square | 1 Aj Hyip | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter. | |||||
| CVE-2008-2632 | 1 Joomla | 2 Com Acctexp, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | |||||
| CVE-2008-4054 | 1 Kolifa | 1 Download Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in indir.php in Kolifa.net Download Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2630 | 1 Joomla | 1 Com Jb2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php. | |||||
| CVE-2008-2629 | 2 Drupal, Lifetype | 2 Drupal, Lifetype | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LifeType (formerly pLog) module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php. | |||||
| CVE-2008-4073 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action. | |||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | |||||
| CVE-2008-2774 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the category_id parameter, a different vector than CVE-2007-4736. | |||||
| CVE-2008-4082 | 1 Brim-project | 1 Brim | 2017-09-29 | 4.6 MEDIUM | N/A |
| SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php. | |||||
| CVE-2008-4084 | 1 Myiosoft | 1 Easyclassifields | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action. | |||||
| CVE-2008-4086 | 1 Source Workshop | 1 Reciprocal Links Manager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | |||||
| CVE-2008-4088 | 1 Myphpnuke | 1 Myphpnuke | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2008-4090 | 1 Couponscript | 1 Coupon Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672. | |||||
| CVE-2008-2628 | 2 Joomla, Ron Liskey | 2 Joomla, Com Equotes | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-4092 | 1 Myphpnuke | 1 Myphpnuke | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the artid parameter. | |||||
| CVE-2008-4093 | 1 Yourownbux | 1 Yourownbux | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and 3.2 beta, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2008-2778 | 1 Revokesoft | 1 Revokebb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/class_search.php in the Search System in RevokeBB 1.0 RC11 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||