Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7153 | 1 Docebo | 1 Docebo | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. | |||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | |||||
| CVE-2009-0109 | 1 Riotpix | 1 Riotpix | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | |||||
| CVE-2009-0111 | 1 Goople Cms | 1 Goople Cms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2009-0252 | 1 Enthrallweb | 1 Ereservations | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0279 | 1 Pardalcms | 1 Pardalcms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0281 | 1 Warhound | 1 Walking Club | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-0284 | 1 Flaxweb | 1 Flax Article Manager | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2009-0292 | 1 Shop-inet | 1 Shop-inet | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | |||||
| CVE-2009-0293 | 1 Wazzum | 1 Wazzum Dating Software | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-2009-0295 | 1 Itlpoll | 1 Itpoll | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-0296 | 1 Gempar | 1 Script Toko Online | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2009-0297 | 1 Clicktech | 1 Clickauction | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0299 | 1 Groonesworld | 1 Glinks | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-0324 | 1 Bibciter | 1 Bibciter | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php. | |||||
| CVE-2009-0337 | 1 Katywhitton | 1 Blogit\! | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0329 | 1 Joomla | 2 Com Pccookbook, Joomla | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | |||||
| CVE-2009-0327 | 1 Seraphimtech | 1 Free Bible Search Php Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter. | |||||
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | |||||