Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | |||||
| CVE-2008-0943 | 1 Aeries | 1 Aeries Student Information System | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. | |||||
| CVE-2008-0616 | 2 Dmsguestbook, Wordpress | 2 Dmsguestbook, Wordpress | 2018-10-15 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | |||||
| CVE-2008-0675 | 1 The Everything Development Company | 1 The Everything Development Engine | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter. | |||||
| CVE-2008-0681 | 1 Phpshop | 1 Phpshop | 2018-10-15 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. | |||||
| CVE-2008-0733 | 1 Cs Team | 1 Counter Strike Portal | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page. | |||||
| CVE-2008-0737 | 1 Shoppingtree | 1 Candypress Store | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter. | |||||
| CVE-2008-0744 | 1 Preprojects.com | 1 Pre Hotels \& Resorts Management System | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management System allows remote attackers to execute arbitrary SQL commands via the login page. | |||||
| CVE-2008-0750 | 1 Husrev | 1 Blackboard | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2008-0753 | 1 Vwar | 1 Virtual War | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter. | |||||
| CVE-2008-0754 | 1 Joomla | 1 Com Rapidrecipe | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action. | |||||
| CVE-2008-0762 | 1 Joomla | 1 Com Iomezun | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the com_iomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0538 | 1 Phpip | 1 Phpip Management | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0543 | 1 Pre Projects | 1 Pre Dynamic Institution | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0546 | 1 Shoppingtree | 1 Candypress Store | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp. | |||||
| CVE-2008-0422 | 1 Boastmachine | 1 Boastmachine | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | |||||
| CVE-2008-0451 | 1 Pacercms | 1 Pacercms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | |||||
| CVE-2008-0469 | 1 Tiger Php News System | 1 Tiger Php News System | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action. | |||||