Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6154 | 1 Hispah | 1 Text Links Ads | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idcat parameter. | |||||
| CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | |||||
| CVE-2008-6152 | 1 Sepcity | 1 Faculty Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: this was originally reported for Lawyer Portal, which does not have a deptdisplay.asp file. | |||||
| CVE-2008-6151 | 1 Sepcity | 1 Shopping Mall | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6146 | 1 Deluxebb | 1 Deluxebb | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989. | |||||
| CVE-2008-6142 | 1 China-on-site | 1 Flexphpic | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | |||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | |||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | |||||
| CVE-2008-6116 | 2 Extrosoft, Joomla | 2 Com Thyme, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. | |||||
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | |||||
| CVE-2008-6114 | 2 E107, Mytipper | 2 E107, Zogo Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 allows remote attackers to execute arbitrary SQL commands via the product parameter. | |||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | |||||
| CVE-2008-6102 | 1 Ezonescripts | 1 Link Trader Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||||
| CVE-2008-6101 | 1 Ezonescripts | 1 Adult Banner Exchange Website | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter. | |||||
| CVE-2008-6100 | 1 Berlios | 1 Discussion Forum 2k | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1.php and (b) RSS2.php in misc/; and the (2) SubID parameter to (c) misc/RSS5.php. | |||||
| CVE-2008-6093 | 1 Noname-cms | 1 Noname Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action. | |||||
| CVE-2008-6091 | 1 Bmforum | 1 Bmforum | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter. | |||||
| CVE-2008-6088 | 2 Joomla, Joomtracker | 2 Joomla, Com Joomtracker | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | |||||
| CVE-2008-6086 | 1 Camera Life | 1 Camera Life | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | |||||
| CVE-2008-6081 | 1 Simplecustomer | 1 Simple Customer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||