Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5888 | 1 Icash | 1 Click\&rank | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5890 | 1 Injader | 1 Injader | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5892 | 1 Icash | 1 Click\&email | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (aka the USERNAME field in admin_main.asp), and (3) the PassWord parameter to admin_loginCheck.asp (aka the PASSWORD field in admin_main.asp). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5895 | 1 Mediatheka | 1 Mediatheka | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2008-5921 | 1 Umerinc | 1 Songs Portal | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5926 | 1 Asp-dev | 1 Internal E-mail System | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) password parameter (aka pass field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5927 | 1 China-on-site | 1 Flexphpnews | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5928 | 1 Flds-script | 1 Flds | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5930 | 1 The Net Guys | 1 Aspired2blog | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. | |||||
| CVE-2008-5934 | 1 Cmsisweb | 1 Cms Isweb | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter. | |||||
| CVE-2008-5950 | 1 Aspapps | 1 Template Creature | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter. | |||||
| CVE-2008-5952 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2017-09-28 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI. | |||||
| CVE-2008-5955 | 1 Phpstreet | 1 Webboard | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5958 | 1 Activewebsoftwares | 1 Active Test | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp. | |||||
| CVE-2008-5959 | 1 Active Web Softwares | 1 Active Test | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5969 | 1 Sunbyte | 1 E-flower | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5972 | 1 Activewebsoftwares | 1 Active Business Directory | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-5973 | 1 Activewebsoftwares | 1 Active Web Mail | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2008-5974 | 1 Activewebsoftwares | 1 Active Price Comparison | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields. | |||||
| CVE-2008-5988 | 1 Jadu | 1 Jadu Cms For Government | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||