Search
Total
4188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6580 | 1 Wallpaper | 1 Wallpaper Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php. | |||||
| CVE-2008-1427 | 2 Joobi, Joomla | 2 Acajoom, Com Acajoom | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joobi Acajoom (com_acajoom) 1.1.5 and 1.2.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mailingid parameter in a mailing view action to index.php. | |||||
| CVE-2008-1425 | 1 Easy-clanpage | 1 Easy-clanpage | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action. | |||||
| CVE-2007-6579 | 1 Ip Reg | 1 Ip Reg | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. NOTE: it was later reported that the vlanview.php and vlandel.php vectors are also in 0.4. | |||||
| CVE-2007-6578 | 1 Zeak.net | 1 Php Zlink | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | |||||
| CVE-2008-0603 | 3 Amazoop, Joomla, Mambo | 3 Awesom, Com Awesom, Com Awesom | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | |||||
| CVE-2008-0832 | 2 Joomla, Mambo | 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. | |||||
| CVE-2008-0831 | 1 Joomla | 1 Rapid Recipe | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754. | |||||
| CVE-2008-0829 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Jooget, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | |||||
| CVE-2008-0827 | 1 Phpnuke | 1 Book | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2007-6576 | 1 Adultscript | 1 Adultscript | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php. | |||||
| CVE-2007-6575 | 1 Brand039 | 1 Mmslamp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action. | |||||
| CVE-2008-1295 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter. | |||||
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | |||||
| CVE-2008-0565 | 1 Deltascripts | 1 Php Links | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0562 | 1 Mamboserver | 2 Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0811 | 1 Auracms | 1 Auracms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php. | |||||
| CVE-2008-1408 | 1 Phpbp | 1 Phpbp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/functions/banners-external.php in phpBP 2 RC3 (2.204) FIX 4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a banner_out action. | |||||
| CVE-2008-1407 | 1 Exv2 | 1 Exv2 | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. | |||||
| CVE-2008-1406 | 1 Exv2 | 1 Exv2 | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action. | |||||
| CVE-2008-0561 | 3 Arthur Konze Webdesign, Joomla, Mambo | 3 Akogallery, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0520 | 1 Wordpress | 1 Wassup Plugin | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php. | |||||
| CVE-2008-1404 | 1 Exv2 | 1 Exv2 | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. | |||||
| CVE-2008-0519 | 2 Joomla, Mambo | 2 Com Jokes, Com Jokes | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action. | |||||
| CVE-2008-0802 | 2 Joomla, Mediaslide | 2 Com Mediaslide, Com Mediaslide | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action. | |||||
| CVE-2008-1398 | 1 Auracms | 1 Auracms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header. | |||||
| CVE-2008-0518 | 2 Joomla, Mambo | 2 Com Recipes, Com Recipes | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | |||||
| CVE-2008-0517 | 3 Darko Selesi, Joomla, Mambo | 3 Estateagent, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. | |||||
| CVE-2008-1351 | 1 Xoops | 1 Tutoriais Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php. | |||||
| CVE-2008-1349 | 1 Exv2 | 2 Bamagalerie, Exv2 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-1316 | 1 Qt-cute | 1 Quicktalk Forum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickTalk Forum 1.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1313 | 1 Bill Roberts | 1 Bloo | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors. | |||||
| CVE-2008-1305 | 2 Chieminger, Phpbb | 2 Filebase Module, Phpbb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1297 | 3 Ewriting, Joomla, Mambo | 3 Ewriting, Com Ewriting, Com Ewriting | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | |||||
| CVE-2008-1272 | 1 Bmscripts | 1 Bm Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php. | |||||
| CVE-2008-0515 | 2 Joomla, Mambo | 2 Musepoes Component, Musepoes Component | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | |||||
| CVE-2008-0514 | 2 Joomla, Mambo | 2 Glossary, Glossary | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. | |||||
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2008-1177 | 1 Affiliate Market | 1 Affiliate Market | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0510 | 2 Joomla, Mambo | 3 Com Newsletter, Com Newsletter, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
| CVE-2008-1164 | 1 Phpcomasy | 1 Phpcomasy | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action. | |||||
| CVE-2008-1163 | 1 Phparcadescript | 1 Phparcadescript | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action. | |||||
| CVE-2008-0507 | 1 Wordpress | 1 Adserve | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0498 | 1 Bigware | 1 Bigware Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php. | |||||
| CVE-2008-2065 | 1 Yourfreeworld | 1 Jokes Site Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | |||||
| CVE-2008-2063 | 1 Joovili | 1 Joovili | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | |||||