Total
9311 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6666 | 1 Zenphoto | 1 Zenphoto | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter. | |||||
CVE-2007-6667 | 1 Myphp | 1 Myphp Forum | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413. | |||||
CVE-2008-0089 | 1 Clip-share | 1 Clipshare | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. | |||||
CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2017-09-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | |||||
CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | |||||
CVE-2008-0133 | 1 Thomas Perez | 1 Tribisur | 2017-09-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action. | |||||
CVE-2008-0137 | 1 Snetworks | 1 Php Classifieds | 2017-09-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | |||||
CVE-2008-0795 | 3 Joomla, Mambo, Mgfi | 3 Joomla, Mambo, Xfaq | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | |||||
CVE-2008-0138 | 1 Xoops | 1 Xoopsgallery Module | 2017-09-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter. | |||||
CVE-2008-0142 | 1 Webportal | 1 Webportal Cms | 2017-09-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. | |||||
CVE-2008-0144 | 1 Phprisk | 1 Netrisk | 2017-09-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences. | |||||
CVE-2008-0147 | 1 Smallnuke | 1 Smallnuke | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action. | |||||
CVE-2008-0154 | 1 Evilboard | 1 Evilboard | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter. | |||||
CVE-2008-0157 | 1 Flexbb | 1 Flexbb | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie. | |||||
CVE-2008-0159 | 1 Eggblog | 1 Eggblog | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie. | |||||
CVE-2008-0187 | 1 Spacial Audio Solutions | 1 Samphpweb | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the songid parameter. | |||||
CVE-2008-0219 | 1 Php Webquest | 1 Php Webquest | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920. | |||||
CVE-2008-0232 | 1 Zero Cms | 1 Zero Cms | 2017-09-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php. | |||||
CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | |||||
CVE-2008-0255 | 1 Igamingcms | 1 Igaming Cms | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. |