Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4837 | 1 Proxy Anket | 1 Proxy Anket | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4835 | 1 Phpmyquote | 1 Phpmyquote | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2007-4810 | 1 Netjuke | 1 Netjuke | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to execute arbitrary SQL commands via (1) the ge_id parameter in a list.artists action to explore.php or (2) the id parameter in a show.tracks action to xml.php. | |||||
| CVE-2007-4777 | 1 Joomla | 1 Joomla | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778. | |||||
| CVE-2007-4762 | 1 E-smart Cart | 1 E-smart Cart | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | |||||
| CVE-2007-4719 | 1 212cafe | 1 212cafeboard | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4611 | 1 Dale Mooney | 1 Calendar Events | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4540 | 1 Olate | 1 Olatedownload | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote attackers to execute arbitrary SQL commands via the (1) HTTP_REFERER or (2) HTTP_USER_AGENT HTTP header. | |||||
| CVE-2007-4491 | 1 Gurur Haber | 1 Gurur Haber | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in uyeler2.php in Gurur haber 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4456 | 2 Mambo, Parkview Consultants | 2 Mambo, Simplefaq | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo. | |||||
| CVE-2007-4368 | 1 Ibm | 1 Rational Clearquest | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | |||||
| CVE-2007-4207 | 1 Kerberosdev | 1 Gallery In A Box | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters. | |||||
| CVE-2007-4173 | 1 Hunkaray Okul | 1 Portaly | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. | |||||
| CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | |||||
| CVE-2007-3884 | 1 Aspindir | 1 Husrevforum | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected. | |||||
| CVE-2007-3705 | 1 Fusetalk | 1 Fusetalk | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm. | |||||
| CVE-2007-3563 | 1 Avscripts | 1 Av Arcade | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1b allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_page action to index.php. | |||||
| CVE-2018-14058 | 1 Pimcore | 1 Pimcore | 2018-10-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Pimcore before 5.3.0 allows SQL Injection via the REST web service API. | |||||
| CVE-2018-1000653 | 1 Zzcms | 1 Zzcms | 2018-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable via running zzcms in nginx. | |||||
| CVE-2018-15151 | 1 Open-emr | 1 Openemr | 2018-10-12 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter. | |||||