Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2692 | 1 Joomla | 1 Com Yvcomment | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php. | |||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | |||||
| CVE-2008-3445 | 1 Phpmyrealty | 1 Phpmyrealty | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execute arbitrary SQL commands via the location parameter. | |||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2177 | 1 Php Directory Source | 1 Phpdirectorysource | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php. | |||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | |||||
| CVE-2008-2971 | 1 Cistyle | 1 Ciblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3452 | 1 Endonesia | 2 Calendar Module, Endonesia | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php. | |||||
| CVE-2008-3484 | 1 Estoreaff | 1 Estoreaff | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in eStoreAff 0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action to index.php. | |||||
| CVE-2008-3487 | 1 Phpauctions | 1 Phpauction Gpl Enhanced | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2194 | 1 Deluxebb | 1 Deluxebb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter. | |||||
| CVE-2008-2197 | 1 Miniweb2 | 1 Blog Writer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php. | |||||
| CVE-2008-3489 | 1 Phpx | 1 Phpx | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie. | |||||
| CVE-2008-3490 | 1 E-topbiz | 1 Online Dating | 2017-09-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in members/mail.php in E-topbiz Online Dating 3 1.0 allows remote authenticated users to execute arbitrary SQL commands via the mail_id parameter in a veiw action. | |||||
| CVE-2008-3491 | 1 Scripts24 | 2 Ipost, Itgp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action. | |||||
| CVE-2008-2222 | 1 Eqdkp | 1 Eqdkp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote attackers to bypass EQdkp user authentication via the user_id parameter. | |||||
| CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2008-2225 | 1 Gamecms | 1 Gamecms Lite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter. | |||||
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | |||||
| CVE-2008-2263 | 1 Cmsnx | 1 Automated Link Exchange Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. | |||||
| CVE-2008-2265 | 1 Emophp | 1 Emo Realty Manager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the ida parameter. | |||||
| CVE-2008-2277 | 1 Cmsnx | 1 Feedback And Rating Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||||
| CVE-2008-2278 | 1 Freelanceauction | 1 Freelance Auction Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action. | |||||
| CVE-2008-3030 | 1 Efes Tech Shop | 1 Efes Tech Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action. | |||||
| CVE-2008-3497 | 1 Myphp Cms | 1 Myphp Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2008-3498 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2337 | 1 Imgallery | 1 Imgallery | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163. | |||||
| CVE-2008-3506 | 1 Polypager | 1 Polypager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI. | |||||
| CVE-2008-2340 | 1 News Manager | 1 News Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | |||||
| CVE-2008-2351 | 1 Webmanager-pro | 1 Cms Webmanager-pro | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters. | |||||
| CVE-2008-2356 | 1 Archangelmgt | 1 Archangel Weblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter. | |||||
| CVE-2008-3119 | 1 Dreamlevels | 1 Dream Pics Builder | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-3507 | 1 Wogan May | 1 Litenews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2394 | 1 Tagworx | 1 Tagworx Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php. | |||||
| CVE-2008-2395 | 1 Alkalinephp | 1 Alkalinephp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2845 | 1 Mybizz-classifieds | 1 Mybizz-classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2846 | 1 Boatscripts | 1 Boatscripts Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter. | |||||
| CVE-2008-2847 | 1 Softdivision | 1 Maxtrade Aoi | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php. | |||||
| CVE-2008-2416 | 1 Fichive | 1 Fichive | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. | |||||
| CVE-2008-2417 | 1 How2asp | 1 Webboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter. | |||||
| CVE-2008-3554 | 1 Comsenz | 1 Discuz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action. | |||||
| CVE-2008-3152 | 1 Orbitscripts | 2 Smartppc, Smartppc Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. | |||||
| CVE-2008-2918 | 1 Application Dynamics | 1 Cartweaver | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3. | |||||
| CVE-2008-2443 | 1 Therealestatescript | 1 The Real Estate Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter. | |||||
| CVE-2008-2444 | 1 Calogic | 1 Calogic Calendars | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter. | |||||
| CVE-2008-2446 | 1 Wgcc | 1 Web Group Communication Center | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php. | |||||
| CVE-2008-2447 | 1 Mytipper | 1 Zogo Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||