Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | |||||
| CVE-2008-0089 | 1 Clip-share | 1 Clipshare | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2007-6667 | 1 Myphp | 1 Myphp Forum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413. | |||||
| CVE-2007-6666 | 1 Zenphoto | 1 Zenphoto | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter. | |||||
| CVE-2008-1715 | 1 Auracms | 1 Auracms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. | |||||
| CVE-2007-6665 | 1 Netchemia | 1 Oneschool | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to execute arbitrary SQL commands via the txtLoginID parameter. | |||||
| CVE-2008-1714 | 1 Fascript | 1 Faphoto | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6664 | 1 Webportal | 1 Webportal Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter. | |||||
| CVE-2008-1646 | 2 Arnos Toolbox, Wordpress | 2 Wp-download, Wp Download | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. | |||||
| CVE-2008-0677 | 1 A-blog | 1 A-blog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action. | |||||
| CVE-2008-1640 | 1 Jgs-xa | 1 Jgs Treffen | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action. | |||||
| CVE-2008-1639 | 1 Neat Web | 1 Neat-web | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Neat weblog 0.2 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a show action, probably related to the showArticle function in lib/lib_article.include.php. | |||||
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-1608 | 1 Clever Copy | 1 Clever Copy | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter, a different vector than CVE-2008-0363 and CVE-2006-0583. | |||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2017-09-29 | 7.5 HIGH | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | |||||
| CVE-2008-1559 | 2 Bernard Gilly, Joomla | 2 Com Alphacontent, Joomla\! | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | |||||
| CVE-2008-0881 | 1 Phpnuke | 1 Okul Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action. | |||||
| CVE-2007-6663 | 2 Joomla, Pragmatic Utopia | 2 Joomla, Pu Arcade | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php. | |||||
| CVE-2007-6656 | 1 Cmsmadesimple | 1 Cms Made Simple | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter. | |||||
| CVE-2008-0880 | 1 Phpnuke | 1 Easycontent Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2007-6647 | 1 W-agora | 1 W-agora | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-1539 | 1 Futurenuke | 1 Php Nuke Platinum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | |||||
| CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
| CVE-2008-0844 | 1 Joomla | 1 Com Pccookbook | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2008-0842 | 1 Joomla | 1 Com Clasifier | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-1535 | 1 Matti Kiviharju | 1 Rekry Component | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. | |||||
| CVE-2007-6639 | 1 Iptbb Team | 1 Iptbb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. | |||||
| CVE-2008-0841 | 2 Joomla, Mambo | 2 Com Ricette Component, Com Ricette Component | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6622 | 1 Zeuscms | 1 Zeuscms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | |||||
| CVE-2008-1513 | 1 Danneo | 1 Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | |||||
| CVE-2008-0670 | 1 Joomla | 1 Com Noticias | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | |||||
| CVE-2008-0839 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | |||||
| CVE-2008-0652 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | |||||
| CVE-2008-1509 | 1 Xlportal | 1 Xlportal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the query parameter. | |||||
| CVE-2008-1496 | 1 Peel | 1 Peel | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php. | |||||
| CVE-2008-1465 | 3 Detodas, Joomla, Mambo-foundation | 3 Com Restaurante, Joomla\!, Mambo | 2017-09-29 | 9.3 HIGH | N/A |
| SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562. | |||||
| CVE-2007-6602 | 1 Noserub | 1 Noserub | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script. | |||||
| CVE-2008-0649 | 1 Adp | 1 Astanda Directory Project | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | |||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | |||||
| CVE-2008-0833 | 1 Joomla | 1 Com Galeria | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0614 | 1 Photokorn | 1 Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | |||||
| CVE-2007-6583 | 1 1024 Cms | 1 1024 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter. | |||||
| CVE-2008-1462 | 1 Runcms | 1 Runcms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action. | |||||
| CVE-2008-1460 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Com Joovideo, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-0611 | 2 Rmsoft, Xoops | 2 Gallery System, Xoops | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1459 | 4 Joomla, Joomlaitalia, Mambo and 1 more | 4 Joomla, Com Alberghi, Mambo and 1 more | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-1430 | 1 Iatek | 1 Aspapp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter. | |||||
| CVE-2008-0607 | 3 Joomla, Mambo, Sigsiu.net | 3 Com Sobi2, Com Sobi2, Sobi2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0606 | 3 Joomla, Mambo, Phil Taylor | 3 Com Shambo2, Com Shambo2, Shambo2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | |||||