Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2862 | 1 Elinestudio | 1 Site Composer | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp. | |||||
| CVE-2008-2916 | 1 Preprojects | 1 Pre Ads Portal | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. | |||||
| CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2008-2642 | 1 Kmrg-itb | 1 Otomigenx | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitrary SQL commands via the userAccount parameter (aka the User Name field) to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2652 | 1 Smeweb | 1 Smeweb | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers to execute arbitrary SQL commands via the (1) idp and (2) category parameters. | |||||
| CVE-2008-2669 | 1 Y-blog | 1 Yblog | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php. | |||||
| CVE-2008-2670 | 1 Insanelysimple2 | 1 Isblog | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889. | |||||
| CVE-2008-2671 | 1 Dcfm Blog | 1 Dcfm Blog | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2701 | 1 Joomla | 1 Com Gameq | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a page action to index.php. | |||||
| CVE-2008-2781 | 1 Dzoic | 1 Handshakes | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute arbitrary SQL commands via the fname parameter in a members search action. | |||||
| CVE-2008-2411 | 1 Sazcart | 1 Sazcart | 2018-10-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action. | |||||
| CVE-2008-2428 | 1 Torrenttrader | 1 Torrenttrader Classic | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) wantusername parameter to account-signup.php, or the (3) receiver parameter to account-inbox.php in a msg action. | |||||
| CVE-2008-2454 | 1 Joomla | 1 Com Xsstream-dm | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. | |||||
| CVE-2008-2460 | 1 Vbulletin | 1 Vbulletin | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action. | |||||
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2018-10-11 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | |||||
| CVE-2008-2491 | 1 Hotscripts | 1 Ablespace | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-2492 | 1 Badongo | 1 Campus Bulletin Board | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp. | |||||
| CVE-2008-2509 | 1 Excuse Online | 1 Excuse Online | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter. | |||||
| CVE-2008-2510 | 1 Wordpress | 1 Upload File Plugin | 2018-10-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter. | |||||
| CVE-2008-2554 | 1 Bp Blog | 1 Bp Blog | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp. | |||||