Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0733 | 1 Cs Team | 1 Counter Strike Portal | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page. | |||||
| CVE-2008-0681 | 1 Phpshop | 1 Phpshop | 2018-10-15 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. | |||||
| CVE-2008-0675 | 1 The Everything Development Company | 1 The Everything Development Engine | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter. | |||||
| CVE-2008-0546 | 1 Shoppingtree | 1 Candypress Store | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp. | |||||
| CVE-2008-0543 | 1 Pre Projects | 1 Pre Dynamic Institution | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0538 | 1 Phpip | 1 Phpip Management | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0487 | 1 The Net Guys | 1 Aspired2protect | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0469 | 1 Tiger Php News System | 1 Tiger Php News System | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action. | |||||
| CVE-2008-0451 | 1 Pacercms | 1 Pacercms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | |||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | |||||
| CVE-2008-0422 | 1 Boastmachine | 1 Boastmachine | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0385 | 1 Urulu | 1 Urulu | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO. | |||||
| CVE-2008-0383 | 1 Mybb | 1 Mybb | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php. | |||||
| CVE-2008-0363 | 1 Clever Copy | 1 Clever Copy | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php. | |||||
| CVE-2008-0301 | 1 Mapbender | 1 Mapbender | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors. | |||||
| CVE-2008-0291 | 1 Hangzhou Rui-qiang | 1 Richstrong Cms | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-0288 | 1 Imagealbum | 1 Imagealbum | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action. | |||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | |||||
| CVE-2008-0280 | 1 Mtcms | 1 Mtcms | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. | |||||
| CVE-2008-0267 | 1 Eticket | 1 Eticket | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. | |||||