Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-89
Total 9311 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5061 1 Clansphere 1 Clansphere 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action.
CVE-2007-5068 1 Phpfullannu 1 Phpfullannu 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
CVE-2007-5122 1 Softbizscripts 1 Classifieds Plus Script 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in store_info.php in SoftBiz Classifieds PLUS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-5177 2 Mambads, Mambo 2 Mambads, Mambo 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.
CVE-2007-5222 1 Maxdev 1 Mdpro 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header.
CVE-2007-5261 1 Iscripts 1 Multicart 2017-09-28 6.4 MEDIUM N/A
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
CVE-2007-5233 1 Deonixscripts 1 Web Template Management System 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.
CVE-2007-5272 1 Furkan Tastan Blog 1 Furkan Tastan Blog 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.
CVE-2007-5308 1 Php Homepage M 1 Php Homepage M 2017-09-28 6.8 MEDIUM N/A
SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2007-5316 1 Softbizscripts 1 Softbiz Jobs And Recruitment Script 2017-09-28 5.0 MEDIUM N/A
SQL injection vulnerability in browsecats.php in Softbiz Jobs and Recruitment Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-5408 1 Cplinks 1 Cpdynalinks 2017-09-28 6.8 MEDIUM N/A
SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2007-5449 1 Softbiz 1 Recipes Portal Script 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter.
CVE-2007-5452 1 Php-stats 1 Php-stats 2017-09-28 10.0 HIGH N/A
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
CVE-2007-5458 1 Alorys-hebergement 2 Kwsphp, Newsletter Module 2017-09-28 6.8 MEDIUM N/A
SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
CVE-2007-5485 1 Kwsphp 1 Kwsphp 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2007-5490 1 Okulumunsitesi 1 Portal 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-5643 1 Lussumo 1 Vanilla 2017-09-28 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
CVE-2007-5630 1 Bbsprocess 1 Bbportals 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action.
CVE-2007-5679 1 Deeemm 1 Dmcms 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
CVE-2007-5719 1 Minibb 1 Minibb 2017-09-28 7.5 HIGH N/A
SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php.