Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4933 | 1 Winterwebs | 1 Ezwebitor | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4892 | 1 Webjump | 1 Webjump\! | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php. | |||||
| CVE-2009-4891 | 1 Cs-cart | 1 Cs-cart | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action. | |||||
| CVE-2009-4889 | 2 Basti2web, Php-fusion | 2 Book Panel, Php-fusion | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter. | |||||
| CVE-2009-4883 | 1 Todd Rogers | 1 Phprecipebook | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action. | |||||
| CVE-2009-4872 | 1 Logoshows | 1 Logoshows Bbs | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | |||||
| CVE-2009-4871 | 1 Logoshows | 1 Logoshows Bbs | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2009-4870 | 1 Phpcityportal | 1 Phpcityportal | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4862 | 1 Abushhab | 1 Alwasel | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php. | |||||
| CVE-2009-4860 | 1 Demarque | 1 Typing Pal | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in demo.php in Typing Pal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idTableProduit parameter. | |||||
| CVE-2009-4807 | 1 Graugon | 1 Php Article Publisher | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php. | |||||
| CVE-2009-4798 | 1 Diskos | 1 Diskos Cms | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature. | |||||
| CVE-2009-4797 | 1 Jobhut.spranger | 1 Jobhut | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter. | |||||
| CVE-2009-4792 | 1 Karl Core | 1 Bandsite Cms | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php. | |||||
| CVE-2009-4749 | 1 Phplivesupport | 1 Php Live\! | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php. | |||||
| CVE-2009-4748 | 2 Andrew Charlton, Wordpress | 2 My Category Order, Wordpress | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php. | |||||
| CVE-2009-4735 | 1 Allomani | 1 Audio \& Video Library | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
| CVE-2009-4734 | 1 Allomani | 1 Movies Library | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
| CVE-2009-4733 | 1 Supercrackmunkey | 1 Simpleloginsys | 2017-09-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4732 | 1 Technotoad | 1 Tt Web Site Manager | 2017-09-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information. | |||||