Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4204 | 1 Softacid | 1 Hotel Reservation System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter. | |||||
| CVE-2008-4203 | 1 Czaries | 1 Czarnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie. | |||||
| CVE-2008-4202 | 1 Gonafish | 1 Linkscaffepro | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action. | |||||
| CVE-2008-4185 | 1 Webcms | 1 Webcms Portal Edition | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter in a documentos action, a different vector than CVE-2008-3213. | |||||
| CVE-2008-4178 | 1 Downline Goldmine | 2 Builder, New Addon | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4177 | 1 Preprojects | 1 Pre Real Estate Listings | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2008-4176 | 1 Asp Indir | 1 Fot Video Scripti | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter. | |||||
| CVE-2008-4175 | 1 Linkbidscript | 1 Linkbidscript | 2017-09-29 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php. | |||||
| CVE-2008-4173 | 1 Proarcadescript | 1 Proarcadescript | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI. | |||||
| CVE-2008-4169 | 1 Iscripts | 1 Easyindex | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter. | |||||
| CVE-2008-4161 | 1 Assetman | 1 Assetman | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action. | |||||
| CVE-2008-4159 | 1 Zanfi Solutions | 2 Jaw Portal, Zanfi Cms Lite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | |||||
| CVE-2008-4157 | 1 Vastal | 1 Phpvid | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | |||||
| CVE-2008-4156 | 1 Customcms | 1 Gaming Portal | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4154 | 1 Living-e | 1 Webedition Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter. | |||||
| CVE-2008-4150 | 1 Dieselscripts | 1 Diesel Joke Site | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in picture_category.php in Diesel Joke Site allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3763. | |||||
| CVE-2008-4145 | 1 Addalink | 1 Addalink | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | |||||
| CVE-2008-4142 | 1 Ephpscripts | 1 E-php Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the es_id parameter. | |||||
| CVE-2008-4093 | 1 Yourownbux | 1 Yourownbux | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and 3.2 beta, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||