Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6371 | 1 Ocean12tech | 1 Membership Manager Pro | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). | |||||
| CVE-2008-6653 | 3 Joomla, Mambo, Wh-com | 3 Joomla, Mambo, Com Webhosting | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2008-6372 | 1 Ocean12tech | 1 Faq Manager Pro | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6379 | 1 Mxmania | 1 Gallery Mx | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-6380 | 1 Activewebsoftwares | 1 Active Web Helpdesk | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | |||||
| CVE-2008-6381 | 1 Bcoos | 1 Bcoos | 2017-09-28 | 4.6 MEDIUM | N/A |
| SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6390 | 1 Ocean12tech | 1 Membership Manager Pro | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | |||||
| CVE-2008-6405 | 1 Greatclone | 1 Hotscripts Clone | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-6409 | 1 Brian Wilson | 1 Ol\'bookmarks | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action. | |||||
| CVE-2008-6414 | 1 Aj Square | 1 Aj Auction | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2008-7210 | 1 Ming Han | 1 Ajchat | 2017-09-28 | 7.5 HIGH | N/A |
| directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $_GET["s"] variable from being unset. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in AJChat. | |||||
| CVE-2008-6419 | 1 Socialsitegenerator | 1 Social Site Generator | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | |||||
| CVE-2008-6425 | 1 Comicshout | 1 Comicshout | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456. | |||||
| CVE-2008-6422 | 1 Psychostats | 1 Psychostats | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php. | |||||
| CVE-2008-6429 | 2 Joomla, Mike Leeper | 2 Joomla, Com Prayercenter | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php. | |||||
| CVE-2008-6430 | 1 Joomla | 2 Com Mycontent, Joomla | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | |||||
| CVE-2008-6469 | 1 Plaincart | 1 Plaincart | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||