Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15378 | 1 Softwarepublico | 1 E-sic | 2017-10-31 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI). | |||||
| CVE-2017-15381 | 1 Softwarepublico | 1 E-sic | 2017-10-31 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script). | |||||
| CVE-2017-3221 | 1 Inmarsat | 1 Amosconnect 8 | 2017-10-28 | 5.0 MEDIUM | 9.8 CRITICAL |
| Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords. | |||||
| CVE-2017-15373 | 1 Softwarepublico | 1 E-sic | 2017-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area). | |||||
| CVE-2014-8621 | 1 Store Locator Project | 1 Store Locator | 2017-10-25 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote attackers to execute arbitrary SQL commands via the sl_custom_field parameter to sl-xml.php. | |||||
| CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-3189 | 1 Dreamlevels | 1 Dreamnews Manager | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-4966 | 1 Gforge | 1 Gforge | 2017-10-18 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter. | |||||
| CVE-2008-4091 | 1 Source Workshop | 1 Web Directory Script | 2017-10-18 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Web Directory Script 1.5.3 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | |||||
| CVE-2008-0916 | 1 Highwood Design | 1 Hwdvideoshare | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php. | |||||
| CVE-2008-4901 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-4902 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2008-5054 | 1 Develop It Easy | 1 Membership System | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5058 | 1 Preproject | 1 Pre Simple Cms | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5069 | 1 Deeserver | 1 Panuwat Promoteweb Mysql | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5365 | 1 Activewebsoftwares | 1 Activevotes | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | |||||
| CVE-2008-1788 | 1 Prozilla | 1 Entertainers | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5629 | 1 Turnkeyarcade | 1 Turnkey Arcade Script | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action. | |||||
| CVE-2008-5648 | 1 Deltascripts | 1 Php Shop | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5651 | 1 Myiosoft | 1 Easybookmarker | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter. | |||||