Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2189 | 1 Anserv | 1 Auction Xl | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2135 | 1 Visualshapers | 1 Ezcontents | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php. | |||||
| CVE-2008-2118 | 1 Project Alumni | 1 Project Alumni | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2096 | 1 Backlinkspider | 1 Backlink Spider | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php. | |||||
| CVE-2008-2094 | 1 Xoops | 1 Article Module | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2087 | 1 Softbiz | 1 Web Hosting Directory Script | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817. | |||||
| CVE-2008-2083 | 1 Prozilla | 1 Hosting Index | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-2067 | 1 Minibb | 1 Minibb | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable. | |||||
| CVE-2008-2036 | 1 Dream4 | 1 Koobi | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action. | |||||
| CVE-2008-1990 | 1 Acidcat | 1 Acidcat Cms | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp. | |||||
| CVE-2008-1968 | 1 Cezannesw | 1 Cezanne | 2018-10-11 | 6.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbitrary SQL commands via the FUNID parameter to (1) CFLookup.asp and (2) CznCommon/CznCustomContainer.asp. | |||||
| CVE-2008-1936 | 1 Classifieds Caffe | 1 Classifieds Caffe | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Classifieds Caffe allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an add action. NOTE: this issue might be site-specific. | |||||
| CVE-2008-1921 | 1 5th Avenue Software | 1 5th Avenue Shopping Cart | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter. | |||||
| CVE-2008-1895 | 1 Carboncommunities | 1 Carbon Communities | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action. | |||||
| CVE-2008-1733 | 2 Joomla, Pragmaticutopia | 2 Joomla, Com Puarcade | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | |||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | |||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | |||||
| CVE-2008-1641 | 1 Efestech | 1 Video | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter. | |||||
| CVE-2008-1631 | 1 Emedia Office Gmbh | 1 Cuteflow | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php. | |||||
| CVE-2008-1613 | 1 Reddot | 1 Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter. | |||||