Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2627 | 1 Joomla | 1 Com Idoblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | |||||
| CVE-2008-2789 | 1 Basic-cms | 1 Basic-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2791 | 1 Kalptaru Infotech | 1 Comparison Engine Power Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2792 | 1 Erocms | 1 Erocms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eroCMS 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the site parameter. | |||||
| CVE-2008-2793 | 1 Clip-share | 1 Clipshare | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-2626 | 1 Battleblog | 1 Battleblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter. | |||||
| CVE-2008-2816 | 1 O2php | 1 Oxygen | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572. | |||||
| CVE-2008-2817 | 1 Nitropowered | 1 Nitro Web Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action. | |||||
| CVE-2008-2569 | 1 Joomla | 1 Easybook Component | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | |||||
| CVE-2008-2823 | 1 Phpeasynews | 1 Phpeasyblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2008-2834 | 1 Sidb | 1 Scientific Image Database | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2835 | 1 Igsuite | 1 Igsuite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. | |||||
| CVE-2008-2837 | 1 Cms.brdconcept | 1 Cms-brd | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter. | |||||
| CVE-2008-2843 | 1 Doitlive | 1 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp. | |||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2564 | 1 Joomla | 2 Com Jotloader, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | |||||
| CVE-2008-2845 | 1 Mybizz-classifieds | 1 Mybizz-classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2846 | 1 Boatscripts | 1 Boatscripts Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2008-2847 | 1 Softdivision | 1 Maxtrade Aoi | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php. | |||||
| CVE-2008-2562 | 1 Powerphlogger | 1 Powerphlogger | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action. | |||||
| CVE-2008-2853 | 1 Easy Webstore | 1 Easy Webstore | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. | |||||
| CVE-2008-2860 | 1 Aj Square | 1 Aj Auction | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | |||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2560 | 1 Fourtwosevenbb | 1 427bb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | |||||
| CVE-2008-2866 | 1 Caupo.net | 1 Cauposhop Classic | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter. | |||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | |||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | |||||
| CVE-2008-2869 | 1 E-topbiz | 1 Link Ads 1 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-2870 | 1 Sharecms | 1 Sharecms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php. | |||||
| CVE-2008-2556 | 1 Hessel Brouwer | 1 Php Visit Counter | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action. | |||||
| CVE-2008-2874 | 1 Softbizscripts | 1 Softbiz Jokes And Funny Pics Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050. | |||||
| CVE-2008-2875 | 1 Webdevindo-cms | 1 Webdevindo-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. | |||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2897 | 1 Pagesquid | 1 Pagesquid Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2017-09-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | |||||
| CVE-2008-2555 | 1 Easyway | 1 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EasyWay CMS allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-2891 | 1 Emusoft | 1 Emucms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action. | |||||
| CVE-2008-2892 | 2 Feellove, Joomla | 2 Exp Shop Component, Com Expshop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php. | |||||
| CVE-2008-2893 | 1 Ajhyip | 1 Aj Square Aj-hyip | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532. | |||||
| CVE-2008-2902 | 1 Alstrasoft | 1 Askme Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085. | |||||
| CVE-2008-2903 | 1 Awbs | 1 Advanced Webhost Billing System | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter. | |||||
| CVE-2008-2904 | 1 Phpmycart | 1 Phpmycart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2906 | 1 Webchamado | 1 Webchamado | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter. | |||||
| CVE-2008-2907 | 1 Webchamado | 1 Webchamado | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter. | |||||
| CVE-2008-2537 | 1 Hispah | 1 Model Search | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2915 | 1 Preprojects | 1 Pre Job Board | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter. | |||||
| CVE-2008-2536 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter. | |||||