Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6582 | 1 Miniweb2 | 1 Miniweb | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
| CVE-2008-6606 | 1 Matpo | 1 Matpo Link | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6608 | 1 Developiteasy | 1 Events Calendar | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6611 | 1 Abweb | 1 Minimal Ablog | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6614 | 1 Impliedbydesign | 1 Ibd Micro Cms | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrators_username parameter (aka the Username field) or (2) the administrators_pass parameter (aka the Password field). | |||||
| CVE-2008-6622 | 1 Webbdomian | 1 Post Card | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-6623 | 1 Webbdomain | 1 Post Card | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6624 | 1 Webbdomain | 1 Petition | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, 2.0, and 3.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6625 | 1 Webbdomain | 1 Polls | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6626 | 1 Webbdomain | 1 Quiz | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6627 | 1 Webbdomain | 1 Webshop | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2008-6632 | 1 Mercuryboard | 1 Mercuryboard | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']). | |||||
| CVE-2008-6633 | 1 Beaussier | 1 Roomphplanning | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php. | |||||
| CVE-2008-6634 | 1 Beaussier | 1 Roomphplanning | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | |||||
| CVE-2008-6641 | 1 Aspindir | 1 Shader Tv | 2017-09-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp. | |||||
| CVE-2008-6642 | 1 Dotcontent | 1 Fluentcms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6647 | 1 Ktools | 1 Photostore | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter. | |||||
| CVE-2008-6648 | 1 Ktools | 1 Photostore | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647. | |||||
| CVE-2008-6649 | 1 Ktools | 1 Photostore | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-6652 | 1 Insanevisions | 1 Onecms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter. | |||||