Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5491 | 1 Slimcms | 1 Slimcms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter. | |||||
| CVE-2008-5493 | 1 Phpstore | 2 Wholesale, Wholesales | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5494 | 2 Digitalgreys, Joomla | 2 Com Contactinfo, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2008-5496 | 1 Pozscripts | 1 Business Directory Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5559 | 1 Dazzlindonna | 1 Postecards | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5561 | 1 Netref | 1 Netref | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. | |||||
| CVE-2008-5571 | 1 Dotnetindex | 1 Professional Download Assistant | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5573 | 1 Adcomplete | 1 Poll Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. | |||||
| CVE-2008-5574 | 1 Unscripts | 1 Webmaster Marketplace | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. | |||||
| CVE-2008-5578 | 1 Scssboard | 1 Scssboard | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. | |||||
| CVE-2008-5582 | 1 Nukedit | 1 Nukedit | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-5588 | 1 Katywhitton | 1 Rankem | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. | |||||
| CVE-2008-5589 | 1 Katywhitton | 1 Rankem | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5590 | 1 Kalptaru Infotech | 1 Product Sale Framework | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. | |||||
| CVE-2008-5595 | 1 Aspapps | 1 Asp Autodealer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5628 | 1 Little Cms | 1 Little Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter. | |||||
| CVE-2008-5605 | 1 Aspapps | 1 Aspportal | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. | |||||
| CVE-2008-5607 | 2 Joomitaly, Joomla | 2 Jmovies, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-5627 | 1 Activewebsoftwares | 1 Active Trade | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5630 | 1 Qualityunit | 1 Post Affiliate Pro | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter. | |||||
| CVE-2008-5631 | 1 Activewebsoftwares | 1 Active Ewebquiz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5632 | 1 Activewebsoftwares | 1 Active Time Billing | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5633 | 1 Activewebsoftwares | 1 Activevotes | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5634 | 1 Activewebsoftwares | 1 Active Force Matrix | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5635 | 1 Activewebsoftwares | 1 Active Membership | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5636 | 1 Lovedesigner | 1 Lito Lite Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5637 | 1 Parsblogger | 1 Parsblogger | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | |||||
| CVE-2008-5638 | 1 Activewebsoftwares | 1 Active Price Comparison | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp. | |||||
| CVE-2008-5640 | 1 Activewebsoftwares | 1 Active Bids | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-5643 | 2 Joomla, Mambo | 3 Com Books, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. | |||||
| CVE-2008-5649 | 1 Alstrasoft | 1 Article Manager Pro | 2017-09-29 | 10.0 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-5650 | 1 Alstrasoft | 1 Webhost Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter. | |||||
| CVE-2008-5652 | 1 Myiosoft | 1 Easybookmarker | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5665 | 1 Xoops | 1 Xoops | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. | |||||
| CVE-2008-5727 | 1 Netcat | 1 Netcat | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. | |||||
| CVE-2008-5767 | 1 Gazatem | 1 Gnews Publisher | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. | |||||
| CVE-2008-5737 | 1 Nodstrum | 1 Mysql Calendar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-5739 | 1 Pligg | 1 Pligg Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. | |||||
| CVE-2008-5751 | 1 Alstrasoft | 1 Web Email Script Enterprise | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action. | |||||
| CVE-2008-5766 | 1 Fascript | 1 Faupload | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5768 | 2 Sirium, Xoops | 2 Am Events Module, Xoops | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5772 | 1 Aspsiteware | 1 Realtylistings | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp. | |||||
| CVE-2008-5774 | 1 Aspsiteware | 1 Homebuilder | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp. | |||||
| CVE-2008-5775 | 1 Apertoblog | 1 Apertoblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5777 | 1 Cadenix | 1 Cadenix | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5778 | 1 Flds Script | 1 Flds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-5779 | 1 Flds Script | 1 Flds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||