Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3266 | 1 Softacid | 1 Hotel Reservation System Multi | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||
| CVE-2008-3267 | 1 Mojoscripts | 1 Mojojobs | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter. | |||||
| CVE-2008-3291 | 1 Aprox | 2 Aprox Cms Engine, Aproxengine | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2753 | 1 Paridel | 1 Pooya Site Builder | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) xslIdn parameter to (a) utils/getXsl.aspx, and the (2) part parameter to (b) getXml.aspx and (c) getXls.aspx in utils/. | |||||
| CVE-2008-3302 | 1 Tuxplanet | 1 Bilboblog | 2017-09-29 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter. | |||||
| CVE-2008-2989 | 1 Homap | 1 Homap | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter. | |||||
| CVE-2008-3307 | 1 Youtube Blog | 1 Youtube Blog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. | |||||
| CVE-2008-3309 | 1 Digiappz | 1 Digileave | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | |||||
| CVE-2008-3310 | 1 Preproject | 1 Pre Survey Poll | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-2823 | 1 Phpeasynews | 1 Phpeasyblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2008-2834 | 1 Sidb | 1 Scientific Image Database | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2835 | 1 Igsuite | 1 Igsuite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. | |||||
| CVE-2008-3346 | 1 E-topbiz | 1 Shopcart Dx | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-3351 | 1 Atomphotoblog | 1 Atomphotoblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action. | |||||
| CVE-2008-3352 | 1 Nersoft | 1 Live Music Plus | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action. | |||||
| CVE-2008-3355 | 1 Camera Life | 1 Camera Life | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. | |||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | |||||
| CVE-2008-3366 | 1 Pligg | 1 Pligg Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774. | |||||
| CVE-2008-2837 | 1 Cms.brdconcept | 1 Cms-brd | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter. | |||||
| CVE-2008-3025 | 1 Plx Web Studio | 1 Plx Ad Trader | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action. | |||||
| CVE-2008-3372 | 1 Greatclone | 1 Getacoder Clone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search_form.php in Getacoder Clone allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | |||||
| CVE-2008-2843 | 1 Doitlive | 1 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp. | |||||
| CVE-2008-3377 | 1 Brandon Tallent | 1 Phptest | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | |||||
| CVE-2008-3378 | 1 Fizzmedia Negativekarma | 1 Fizzmedia | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-3382 | 1 Mojoscripts | 1 Mojoclassifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_a parameter. | |||||
| CVE-2008-3383 | 1 Mojoscripts | 1 Mojoauto | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action. | |||||
| CVE-2008-3386 | 1 Alstrasoft | 1 Video Share Enterprise | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086. | |||||
| CVE-2008-3387 | 1 Phpfootball | 1 Phpfootball | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter. | |||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2754 | 1 Efiction | 1 Efiction | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter. | |||||
| CVE-2008-3403 | 1 Mojoscripts | 1 Mojopersonals | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-3406 | 1 Phplinkat | 1 Phplinkat | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-3412 | 1 Ecshop | 1 Epshop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a (1) pro_show or (2) disppro action to the default URI. | |||||
| CVE-2008-3413 | 1 Greatclone | 1 Auction Platinum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | |||||
| CVE-2008-3414 | 1 Siteadmin | 1 Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter. | |||||
| CVE-2008-3026 | 1 Oneclick Cms | 1 Oneclick Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3416 | 1 Icebb | 1 Icebb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | |||||
| CVE-2008-2084 | 2 Myarticles, Runcms | 2 Myarticles, Myarticles Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action. | |||||
| CVE-2008-3417 | 1 Fipsasp | 1 Fipscms Light | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561. | |||||
| CVE-2008-2088 | 1 Phpforge | 1 Php Forge | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in the news module to admin.php. | |||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | |||||
| CVE-2008-3418 | 1 Willo | 1 Trio | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in TriO 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2095 | 3 Joomla, Mambo, Page-flip-tools | 3 Com Flippingbook, Com Flippingbook, Flipping Book | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | |||||
| CVE-2008-3419 | 1 Greatclone | 1 Youtuber Clone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2008-2113 | 1 Phpeasydata | 1 Phpeasydata | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-3420 | 1 Willo | 1 Mobius Web Publishing Software | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to browse.php or (2) the s parameter in an exhibitions action to detail.php. | |||||
| CVE-2008-2124 | 1 Fipsasp | 1 Fipscms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter. | |||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | |||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||