Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4730 | 1 X10media | 1 Adult Script | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4727 | 1 Junglescripts | 1 Ajax Short Url Script | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-4724 | 1 Paymentprocessorscript | 1 Ppscript | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-4722 | 1 Limny | 1 Limny | 2017-09-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-4721 | 1 Andrews-web | 1 Aw-bannerad | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4698 | 2 Alexandre Amaral, Xoops | 2 Xoops Celepar, Xoops | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | |||||
| CVE-2009-4696 | 1 Radscripts | 1 Radnics | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||
| CVE-2009-4695 | 1 Radscripts | 1 Radlance | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||
| CVE-2009-4687 | 1 Hypersilence | 1 Silentum Guestbook | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter. | |||||
| CVE-2009-4680 | 1 Phpdirectorysource | 1 Phpdirectorysource | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter. | |||||
| CVE-2009-4673 | 1 Mole-group | 1 Adult Portal Script | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2009-4669 | 1 Beaussier | 1 Roomphplanning | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the loginus parameter to Login.php or (2) the Old Password field to changepwd.php, and allow (3) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/userform.php. | |||||
| CVE-2009-4667 | 1 Phpmember | 1 Webmember | 2017-09-19 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter. | |||||
| CVE-2009-4628 | 2 Joomla, Templateplaza | 2 Joomla\!, Com Tpdugg | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | |||||
| CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | |||||
| CVE-2009-4624 | 1 Nicecoder | 1 Idesk | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843. | |||||
| CVE-2009-4621 | 2 Discuz, Patching | 2 Discuz\!, Jianghu Inn | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php. | |||||
| CVE-2009-4620 | 2 Joomla, Joomloc | 2 Joomla\!, Com Joomloc | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | |||||
| CVE-2009-4619 | 2 Joomla, Lucygames | 2 Joomla\!, Com Lucygames | 2017-09-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. | |||||