Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1469 | 1 Xigla | 1 Absolute Image Gallery Xe | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | |||||
| CVE-2007-1250 | 1 Angel Learning | 1 Learning Management Suite | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-1171 | 1 Nukescripts | 1 Nukesentinel | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie. | |||||
| CVE-2007-1166 | 1 Nabocorp | 1 Nabopoll | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter. | |||||
| CVE-2007-1154 | 1 Webspell | 1 Webspell | 2018-10-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782. | |||||
| CVE-2007-1026 | 1 Scriptdungeon | 1 Xlatunes | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-0642 | 1 Rbl | 1 Tforum | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp. | |||||
| CVE-2007-0527 | 1 Website Baker | 1 Website Baker | 2018-10-16 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the REMEMBER_KEY cookie parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-0520 | 1 Unique Ads | 1 Unique Ads | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter. | |||||
| CVE-2006-7138 | 1 Oracle | 1 Apex | 2018-10-16 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven. | |||||
| CVE-2006-7118 | 1 Dmxready | 1 Site Engine Manager | 2018-10-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-0943 | 1 Aeries | 1 Aeries Student Information System | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. | |||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | |||||
| CVE-2008-0920 | 1 Open Source Security Information Management | 1 Os-sim | 2018-10-15 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression. | |||||
| CVE-2008-0879 | 1 Phpnuke | 1 Web Links Module | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | |||||
| CVE-2008-0874 | 1 Xoops | 1 Eempregos Module | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
| CVE-2008-0873 | 1 Jlmzone | 1 Classifieds | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action. | |||||
| CVE-2008-0857 | 1 Woltlab | 1 Burning Board | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page. | |||||
| CVE-2008-0855 | 2 Joomla, Mambo | 2 Com Facileforms, Com Facileforms | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | |||||