Total
9311 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-4620 | 2 Joomla, Joomloc | 2 Joomla\!, Com Joomloc | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | |||||
CVE-2009-4792 | 1 Karl Core | 1 Bandsite Cms | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php. | |||||
CVE-2009-4628 | 2 Joomla, Templateplaza | 2 Joomla\!, Com Tpdugg | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php. | |||||
CVE-2009-4797 | 1 Jobhut.spranger | 1 Jobhut | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter. | |||||
CVE-2009-4798 | 1 Diskos | 1 Diskos Cms | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature. | |||||
CVE-2009-4748 | 2 Andrew Charlton, Wordpress | 2 My Category Order, Wordpress | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php. | |||||
CVE-2009-5091 | 1 Vlinks | 1 Vlinks | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2009-4734 | 1 Allomani | 1 Movies Library | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | |||||
CVE-2009-4732 | 1 Technotoad | 1 Tt Web Site Manager | 2017-09-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4733 | 1 Supercrackmunkey | 1 Simpleloginsys | 2017-09-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4698 | 2 Alexandre Amaral, Xoops | 2 Xoops Celepar, Xoops | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | |||||
CVE-2009-4940 | 1 Zeuscart | 1 Zeuscart | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action. | |||||
CVE-2009-4696 | 1 Radscripts | 1 Radnics | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||
CVE-2009-4938 | 2 Joomla, Warphd | 2 Joomla\!, Com Jvideo | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php. | |||||
CVE-2009-4973 | 1 Sweetphp | 1 Totalcalendar | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action. | |||||
CVE-2009-5088 | 1 Ideacart | 1 Ideacart | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter. | |||||
CVE-2009-4935 | 1 Esoftpro | 1 Online Guestbook Pro | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter. | |||||
CVE-2009-4618 | 1 Tourismscripts | 1 Bus Script | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Tourism Script Bus Script allow remote attackers to execute arbitrary SQL commands via the sitetext_id parameter to (1) aboutus.php and (2) faq.php. | |||||
CVE-2009-4728 | 1 Questions Answered | 1 Questions Answered | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4621 | 2 Discuz, Patching | 2 Discuz\!, Jianghu Inn | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php. |