Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2634 | 1 Bearrivernet.net | 1 I-pos Internet Pay Online Store | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter. | |||||
| CVE-2008-2643 | 1 Joomla | 1 Com Biblestudy | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php. | |||||
| CVE-2008-2647 | 1 Mebiblio | 1 Mebiblio | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter. | |||||
| CVE-2008-3669 | 1 Zeescripts | 1 Zeereviews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2008-2791 | 1 Kalptaru Infotech | 1 Comparison Engine Power Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2673 | 1 Powie | 1 Pnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the shownews parameter. | |||||
| CVE-2008-3670 | 1 Articlefriendly | 1 Article Friendly | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter. | |||||
| CVE-2008-2921 | 1 Eztechhelp Company | 1 Ezcms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2676 | 1 Joomla | 2 Com News Portal, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the iJoomla News Portal (com_news_portal) component 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | |||||
| CVE-2008-3673 | 1 Pozscripts | 1 Classified Ads | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672. | |||||
| CVE-2008-3674 | 1 Pozscripts | 1 Tubeguru Video Sharing Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
| CVE-2008-3083 | 2 Brightcode, Joomla | 2 Brightcode Weblinks Module, Com Brightweblinks | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-3706 | 1 Zeeways | 1 Zeejobsite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-3711 | 1 Phparcadescript | 1 Phparcadescript | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action. | |||||
| CVE-2008-3713 | 1 Phpbasket | 1 Phpbasket | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter. | |||||
| CVE-2008-3718 | 1 Cyberbb | 1 Cyberbb | 2017-09-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter to show_topic.php and the (2) user parameter to profile.php. | |||||
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | |||||
| CVE-2008-3720 | 1 Deeemm | 1 Dmcms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679. | |||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | |||||
| CVE-2008-2866 | 1 Caupo.net | 1 Cauposhop Classic | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter. | |||||
| CVE-2008-3725 | 1 Yourfreeworld | 1 Ad Board Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3748 | 1 Lbstone | 2 Active Php Bookmarks, Apb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3749 | 1 Yourfreeworld | 1 Banner Management Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3750 | 1 Yourfreeworld | 1 Url Rotator Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3751 | 1 Yourfreeworld | 1 Short Url And Url Tracker Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | |||||
| CVE-2008-3089 | 1 Xpoze | 1 Xpoze Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2008-2996 | 1 Gravityboardx | 1 Gravity Board X | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action. | |||||
| CVE-2008-3755 | 1 Yourfreeworld | 1 Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-3756 | 1 Yourfreeworld | 1 Viral Marketing Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3757 | 1 Yourfreeworld | 1 Forced Matrix Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | |||||
| CVE-2008-3765 | 1 Discountedscripts | 1 Quick Poll Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3767 | 1 Smartisoft | 1 Phpbazar | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | |||||
| CVE-2008-2869 | 1 E-topbiz | 1 Link Ads 1 | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | |||||
| CVE-2008-3772 | 1 Pars4u | 1 Videosharing | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-3133 | 1 Barenuked | 1 Barenuked Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-3780 | 1 Review-script | 1 Five Star Review Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-3783 | 1 Matterdaddy | 1 Matterdaddy Market | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters. | |||||
| CVE-2008-2870 | 1 Sharecms | 1 Sharecms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php. | |||||
| CVE-2008-3785 | 1 Miacms | 1 Miacms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php. | |||||
| CVE-2008-3787 | 1 Nullscripts | 1 Web Directory Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2008-3788 | 1 Picturespro | 1 Picturespro Photo Cart | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php. | |||||
| CVE-2008-2688 | 1 Pilotcart | 1 Pilot Cart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action. | |||||
| CVE-2008-3848 | 1 Pdesigner | 1 Z-breaknews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3861 | 1 Phpmyrealty | 1 Phpmyrealty | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | |||||
| CVE-2008-2874 | 1 Softbizscripts | 1 Softbiz Jokes And Funny Pics Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050. | |||||
| CVE-2008-2875 | 1 Webdevindo-cms | 1 Webdevindo-cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. | |||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||