Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5650 | 1 Alstrasoft | 1 Webhost Directory | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter. | |||||
| CVE-2008-5649 | 1 Alstrasoft | 1 Article Manager Pro | 2017-09-29 | 10.0 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-5643 | 2 Joomla, Mambo | 3 Com Books, Joomla, Mambo | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. | |||||
| CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-5640 | 1 Activewebsoftwares | 1 Active Bids | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
| CVE-2008-5638 | 1 Activewebsoftwares | 1 Active Price Comparison | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp. | |||||
| CVE-2008-5637 | 1 Parsblogger | 1 Parsblogger | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | |||||
| CVE-2008-5636 | 1 Lovedesigner | 1 Lito Lite Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-5635 | 1 Activewebsoftwares | 1 Active Membership | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5634 | 1 Activewebsoftwares | 1 Active Force Matrix | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5633 | 1 Activewebsoftwares | 1 Activevotes | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5632 | 1 Activewebsoftwares | 1 Active Time Billing | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5631 | 1 Activewebsoftwares | 1 Active Ewebquiz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5630 | 1 Qualityunit | 1 Post Affiliate Pro | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter. | |||||
| CVE-2008-5628 | 1 Little Cms | 1 Little Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter. | |||||
| CVE-2008-5627 | 1 Activewebsoftwares | 1 Active Trade | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5607 | 2 Joomitaly, Joomla | 2 Jmovies, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-5605 | 1 Aspapps | 1 Aspportal | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. | |||||
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5595 | 1 Aspapps | 1 Asp Autodealer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||