Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6985 | 1 Zen-cart | 1 Zen Cart | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart. | |||||
| CVE-2008-6980 | 1 Phpadultsite | 1 Phpadultsite Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6866 | 1 Php-nuke | 1 Current Issue Module | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. | |||||
| CVE-2008-6728 | 1 Phpnuke | 1 Php-nuke | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php. | |||||
| CVE-2008-6618 | 1 Netlab | 1 Classsystem | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php. | |||||
| CVE-2008-6593 | 2 Lightneasy, Sqlite | 2 Lightneasy, Sqlite | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php. | |||||
| CVE-2008-6572 | 1 Abledating | 1 Abledating | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2008-6517 | 1 Nick Jenkin | 1 Newshowler | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote attackers to execute arbitrary SQL commands via the news_user cookie parameter. | |||||
| CVE-2008-6509 | 1 Igniterealtime | 1 Openfire | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. | |||||
| CVE-2008-6438 | 2 E107, E107coders | 2 E107, Macguru Blog Engine Plugin | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected. | |||||
| CVE-2008-6427 | 1 Hivemaker | 1 Hivemaker | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-6418 | 1 Torrenttrader | 1 Torrenttrader | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | |||||
| CVE-2008-6394 | 1 Cs-cart | 1 Cs-cart | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter. | |||||
| CVE-2008-6266 | 1 Appstate | 1 Phpwebsite | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | |||||
| CVE-2008-6256 | 1 Vbulletin | 1 Vbulletin | 2018-10-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022. | |||||
| CVE-2008-6255 | 1 Vbulletin | 1 Vbulletin | 2018-10-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. | |||||
| CVE-2008-6250 | 1 Comdev | 1 Comdev Web Blogger | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. | |||||
| CVE-2008-6234 | 2 Joomla, Mambo-foundation | 4 Com Musica, Joomla, Com Musica and 1 more | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-6180 | 1 Newlife Blogger | 1 Newlife Blogger | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie. | |||||