Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14078 | 1 Trendmicro | 1 Mobile Security | 2017-09-29 | 10.0 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | |||||
| CVE-2017-12930 | 1 Tecnovision | 1 Dlx Spot Player4 | 2017-09-29 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password. | |||||
| CVE-2009-0881 | 1 Josema Enzo | 1 Isiajax | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0883 | 1 Amunak | 1 Blue Eye Cms | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter. | |||||
| CVE-2009-0965 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php. | |||||
| CVE-2009-0968 | 2 Fahlstad, Wordpress | 2 Fmoblog Plugin, Wordpress | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1023 | 1 Phpcomasy | 1 Phpcomasy | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | |||||
| CVE-2009-1024 | 1 Beerwin | 1 Phplinkadmin | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors. | |||||
| CVE-2009-1026 | 1 Kimwebsites | 1 Kim Websites | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-1032 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter. | |||||
| CVE-2009-1033 | 1 Deluxebb | 1 Deluxebb | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503. | |||||
| CVE-2009-1038 | 1 Yap | 1 Yap Blog | 2017-09-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) image_id parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the (2) user parameter in a modif action to admin/index.php. | |||||
| CVE-2009-1049 | 1 Kamads | 1 Bloginator | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-1066 | 1 Getpixie | 1 Pixie Cms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request. | |||||
| CVE-2009-1224 | 1 Scivox | 1 Vsp Stats Processor | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45 allows remote attackers to execute arbitrary SQL commands via the gameID parameter. | |||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | |||||
| CVE-2009-1229 | 1 Arcadwy | 1 Arcadwy Arcade Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter. | |||||
| CVE-2009-1247 | 1 Acutecp.rediscussed | 1 Acutecp | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-1256 | 1 Flexcms | 1 Flexcms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1263 | 2 Alikonweb, Joomla | 2 Com Bookjoomlas, Joomla | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | |||||