Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2351 | 1 Webmanager-pro | 1 Cms Webmanager-pro | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters. | |||||
| CVE-2008-2340 | 1 News Manager | 1 News Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | |||||
| CVE-2008-2337 | 1 Imgallery | 1 Imgallery | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163. | |||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2278 | 1 Freelanceauction | 1 Freelance Auction Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action. | |||||
| CVE-2008-2277 | 1 Cmsnx | 1 Feedback And Rating Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | |||||
| CVE-2008-2265 | 1 Emophp | 1 Emo Realty Manager | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the ida parameter. | |||||
| CVE-2008-2263 | 1 Cmsnx | 1 Automated Link Exchange Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. | |||||
| CVE-2008-2225 | 1 Gamecms | 1 Gamecms Lite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter. | |||||
| CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
| CVE-2008-2222 | 1 Eqdkp | 1 Eqdkp | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote attackers to bypass EQdkp user authentication via the user_id parameter. | |||||
| CVE-2008-2197 | 1 Miniweb2 | 1 Blog Writer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php. | |||||
| CVE-2008-2194 | 1 Deluxebb | 1 Deluxebb | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter. | |||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | |||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2177 | 1 Php Directory Source | 1 Phpdirectorysource | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php. | |||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | |||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | |||||