Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5075 | 1 Scriptsfrenzy | 1 E-uploader Pro | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php. | |||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | |||||
| CVE-2008-5088 | 1 Knowledgebase-script | 1 Phpkb Knowledge Base Software | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909. | |||||
| CVE-2008-5123 | 1 Castillocentral | 1 Ccleague | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
| CVE-2008-5131 | 1 Develop It Easy | 1 News And Article System | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php). | |||||
| CVE-2008-5132 | 1 Memht | 1 Memht Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | |||||
| CVE-2008-6163 | 1 Openx | 1 Openx | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | |||||
| CVE-2008-5166 | 1 Easysitenetwork | 1 Riddles Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter. | |||||
| CVE-2008-5168 | 1 Easysitenetwork | 1 Tips Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter. | |||||
| CVE-2008-5169 | 1 Easysitenetwork | 1 Drinks Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter. | |||||
| CVE-2008-5170 | 1 Easysitenetwork | 1 Cheats Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. | |||||
| CVE-2008-5174 | 1 Easysitenetwork | 1 Jokes Complete Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter. | |||||
| CVE-2008-5190 | 1 Eshop100 | 1 Eshop100 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eSHOP100 allows remote attackers to execute arbitrary SQL commands via the SUB parameter. | |||||
| CVE-2008-5191 | 1 Seportal | 1 Seportal | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php. | |||||
| CVE-2008-5192 | 1 Philboard | 1 Philboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920. | |||||
| CVE-2008-5194 | 1 Softvisions Software | 1 Online Booking Manager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5195 | 1 Sebrac | 1 Sebraccms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow remote attackers to execute arbitrary SQL commands via (1) the recid parameter to cms/form/read.php, (2) the uname parameter to cms/index.php, and other unspecified vectors. | |||||
| CVE-2008-5196 | 1 Php-fusion | 2 Php-fusion, The Kroax Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-5200 | 2 Joomla, Mambo | 3 Com Xewebtv, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
| CVE-2008-5212 | 1 Aj Square | 1 Aj Auction | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-5213 | 1 Aj Square | 1 Aj Article | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action. | |||||
| CVE-2008-5215 | 1 Clanlite | 1 Clanlite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in service/profil.php in ClanLite 2.2006.05.20 allows remote attackers to execute arbitrary SQL commands via the link parameter. | |||||
| CVE-2008-5216 | 1 Aj Square | 1 Zeuscart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category_list.php in AJ Square ZeusCart 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5223 | 1 Airvae | 1 Commerce | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-5267 | 1 Experts | 1 Experts | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter. | |||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | |||||
| CVE-2008-5269 | 1 Powie | 1 Psys | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbitrary SQL commands via the shownews parameter. | |||||
| CVE-2008-5270 | 1 Wareziz | 1 Yuhhu Superstar 2008 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.topics.php in Yuhhu Superstar 2008 allows remote attackers to execute arbitrary SQL commands via the board parameter. | |||||
| CVE-2008-5273 | 1 Toddwoolums | 1 Todd Woolums Asp News Management | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter. | |||||
| CVE-2008-5287 | 1 Scripts4you | 1 Faq Manager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ Manager 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-5289 | 1 Scripts4you | 1 Clean Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5292 | 1 Videogirls | 1 Videogirls Biz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2008-5293 | 1 Bdigital Web Solutions | 1 Webstudio Ehotel | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | |||||
| CVE-2008-5294 | 1 Bdigital Web Solutions | 1 Webstudio Ecatalogue | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | |||||
| CVE-2008-5295 | 1 Jamit Software | 1 Jamit Job Board | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 allows remote attackers to execute arbitrary SQL commands via the show_emp parameter. | |||||
| CVE-2008-5306 | 1 Pilot Group | 1 Pg Real Estate Solution | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter (username). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5307 | 1 Pilot Group | 1 Pg Real Roommate Finder Solution | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5309 | 1 Netart Media | 1 Real Estate Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execute arbitrary SQL commands via the ad_id parameter in the re_send_email module to index.php. | |||||
| CVE-2008-5310 | 1 Netart Media | 1 Car Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in NetArt Media Car Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5311 | 1 Netart Media | 1 Blog System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5320 | 1 E107 | 1 E107 | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter. | |||||
| CVE-2008-5321 | 2 Xoops, Xoops Hocasi | 2 Xoops, Gesgaleri | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter. | |||||
| CVE-2008-5333 | 1 Nitrotech | 1 Nitrotech | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5335 | 1 Php-fusion | 1 Php-fusion | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, CVE-2005-3158, CVE-2005-3159, CVE-2005-4005, and CVE-2006-2459. | |||||
| CVE-2008-5337 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5486 | 1 Turnkeyforms | 1 Text Link Sales | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5488 | 1 E-topbiz | 1 Domain Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter. | |||||
| CVE-2008-5489 | 1 Clip-share | 1 Clipshare | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter. | |||||
| CVE-2008-5490 | 1 Phpstore | 1 Yahoo Answers | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||