Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1838 | 1 Bosdev | 1 Bosclassifieds Ads Systems | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. | |||||
| CVE-2008-1847 | 1 Coronamatrix | 1 Phpaddressbook | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1791 | 1 Mygamingladder | 1 Mygamingladder | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the ladderid parameter. | |||||
| CVE-2008-0282 | 1 Domphp | 1 Domphp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | |||||
| CVE-2008-0746 | 2 Joomla, Mambo | 2 Com Gallery, Com Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-1789 | 1 Prozilla | 1 Forum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
| CVE-2008-1774 | 1 Pligg | 1 Pligg Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0279 | 1 Xforum | 1 Xforum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | |||||
| CVE-2008-0278 | 1 X7 Group | 1 X7 Chat | 2017-09-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action. | |||||
| CVE-2008-0922 | 1 Php-nuke | 1 Manuales | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | |||||
| CVE-2008-0270 | 1 Taskfreak | 1 Taskfreak | 2017-09-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. | |||||
| CVE-2008-0921 | 1 Becontent | 1 Becontent | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in beContent 0.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0911 | 1 Iscripts | 1 Multicart | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter. | |||||
| CVE-2008-0262 | 1 Agares Media | 1 Phpautovideo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter. | |||||
| CVE-2008-0735 | 1 Auracms | 1 Auracms | 2017-09-29 | 10.0 HIGH | N/A |
| SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter. | |||||
| CVE-2008-0256 | 1 Matteo Binda | 1 Asp Photo Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. | |||||
| CVE-2008-0734 | 1 Limbo Cms | 1 Limbo Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php. | |||||
| CVE-2008-1759 | 2 Jeuxflash, Kwsphp | 2 Jeuxflash Module, Kwsphp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922. | |||||
| CVE-2008-0721 | 1 Mambo | 1 Com Sermon | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | |||||
| CVE-2008-0719 | 1 Oscommerce | 2 Customer Testimonials, Oscommerce | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter. | |||||
| CVE-2008-0714 | 1 Mihalism | 1 Multi Host | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action. | |||||
| CVE-2008-0695 | 1 Bookmarkx | 1 Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action. | |||||
| CVE-2008-0255 | 1 Igamingcms | 1 Igaming Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | |||||
| CVE-2008-0232 | 1 Zero Cms | 1 Zero Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php. | |||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-0219 | 1 Php Webquest | 1 Php Webquest | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920. | |||||
| CVE-2008-0187 | 1 Spacial Audio Solutions | 1 Samphpweb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the songid parameter. | |||||
| CVE-2008-0159 | 1 Eggblog | 1 Eggblog | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie. | |||||
| CVE-2008-0157 | 1 Flexbb | 1 Flexbb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie. | |||||
| CVE-2008-1758 | 1 Kwsphp | 1 Kwsphp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php. | |||||
| CVE-2008-0690 | 1 Joomla | 1 Com Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action. | |||||
| CVE-2008-1750 | 1 Livecart | 1 Livecart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI. | |||||
| CVE-2008-1732 | 1 Predictionfootball | 1 Predictionfootball | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action. | |||||
| CVE-2008-0689 | 1 Joomla | 1 Com Marketplace | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action. | |||||
| CVE-2008-0154 | 1 Evilboard | 1 Evilboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter. | |||||
| CVE-2008-0686 | 2 Joomla, Mambo | 2 Com Neoreferences, Com Neoreferences | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-0683 | 1 Wordpress | 1 St Newsletter Plugin | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | |||||
| CVE-2008-0147 | 1 Smallnuke | 1 Smallnuke | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action. | |||||
| CVE-2008-0144 | 1 Phprisk | 1 Netrisk | 2017-09-29 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences. | |||||
| CVE-2008-0682 | 1 Wordpress | 1 Wordspew | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0907 | 1 Php-nuke | 1 Inhalt Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-0678 | 1 Blogphp | 1 Blogphp | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. | |||||
| CVE-2008-0906 | 1 Php-nuke | 1 Php-nuke Module Docum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation. | |||||
| CVE-2008-0142 | 1 Webportal | 1 Webportal Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. | |||||
| CVE-2008-1726 | 1 Myknowledgequest | 1 Knowledgequest | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php. | |||||
| CVE-2008-0138 | 1 Xoops | 1 Xoopsgallery Module | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter. | |||||
| CVE-2008-0137 | 1 Snetworks | 1 Php Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | |||||
| CVE-2008-0133 | 1 Thomas Perez | 1 Tribisur | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action. | |||||
| CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | |||||