Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1874 | 1 Xpoze | 1 Xpoze Pro | 2017-09-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter. | |||||
| CVE-2008-1875 | 1 Terong | 1 Advanced Web Photo Gallery | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter. | |||||
| CVE-2008-1889 | 1 Xplodphp | 1 Autotutorials | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1909 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2008-1911 | 1 1024 Cms | 1 1024 Cms | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. | |||||
| CVE-2008-1913 | 1 Lasernet Cms | 1 Lasernet Cms | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action. | |||||
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1918 | 1 Php-fusion | 1 Php-fusion | 2017-09-28 | 6.0 MEDIUM | N/A |
| SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected. | |||||
| CVE-2008-1919 | 1 Yourfreeworld | 1 Apartment Search Script | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
| CVE-2008-1934 | 1 Crazy Goomba | 1 Crazy Goomba | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-1935 | 1 Joomla | 1 Joomla | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | |||||
| CVE-2008-1939 | 1 Aspindir | 1 Philboard | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920. | |||||
| CVE-2008-1954 | 1 Webcalendar | 1 Web Calendar Pro | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2008-1957 | 1 Easyscripts | 1 Tr Script News | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode. | |||||
| CVE-2008-1961 | 1 Php Resource | 1 Voice Of Web Allmyguests | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action. | |||||
| CVE-2008-1975 | 1 Cogites | 1 E Reserve | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter. | |||||
| CVE-2008-1982 | 1 Wordpress | 2 Wordpress, Wpss | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter. | |||||
| CVE-2008-2012 | 1 Postnuke Software Foundation | 1 Postschedule | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | |||||
| CVE-2008-2013 | 1 Pnflashgames | 1 Pnflashgames | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | |||||
| CVE-2008-2023 | 1 Pd9 Software | 1 Megabbs | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp. | |||||