Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1554 | 1 Topper | 1 Toppermod | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism. | |||||
| CVE-2008-1549 | 1 Aeries | 1 Aeries Student Information System | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942. | |||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | |||||
| CVE-2008-1426 | 1 Kaphotoservice | 1 Kaphotoservice | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | |||||
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | |||||
| CVE-2008-1346 | 1 Myiosoft | 1 Easycalendar | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action. | |||||
| CVE-2008-1344 | 1 Myiosoft | 1 Easycalendar | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in a dayview action to plugins/calendar/calendar_backend.php and the (2) page parameter to ajaxp_backend.php. | |||||
| CVE-2008-1336 | 1 Koobi | 1 Koobi Cms | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122. | |||||
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | |||||
| CVE-2008-1137 | 2 Joomla, Mambo | 2 Com Garyscookbook, Com Garyscookbook | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
| CVE-2008-1122 | 1 Dream4 | 1 Koobi Pro | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0. | |||||
| CVE-2008-1094 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2018-10-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. | |||||
| CVE-2008-1050 | 1 Softbiz | 1 Jokes And Funny Pictures Script | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter. | |||||
| CVE-2018-2447 | 1 Sap | 1 Businessobjects Business Intelligence | 2018-10-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database. | |||||
| CVE-2018-2450 | 1 Sap | 1 Maxdb | 2018-10-11 | 6.5 MEDIUM | 7.2 HIGH |
| SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database. | |||||
| CVE-2018-15146 | 1 Open-emr | 1 Openemr | 2018-10-11 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in interface/de_identification_forms/find_immunization_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter. | |||||
| CVE-2011-0407 | 1 Phenotype-cms | 1 Phenotype Cms | 2018-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5049 | 1 Zabbix | 1 Zabbix | 2018-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter. | |||||
| CVE-2010-5029 | 1 Codefabrik | 1 Ecomat Cms | 2018-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | |||||
| CVE-2010-5024 | 1 Cutesite | 1 Cutesite Cms | 2018-10-10 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information. | |||||