Total
9311 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-4807 | 1 Graugon | 1 Php Article Publisher | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php. | |||||
CVE-2009-4680 | 1 Phpdirectorysource | 1 Phpdirectorysource | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in search.php in phpDirectorySource 1.x allows remote attackers to execute arbitrary SQL commands via the st parameter. | |||||
CVE-2009-4695 | 1 Radscripts | 1 Radlance | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action. | |||||
CVE-2009-4982 | 1 Irokez | 1 Irokez Cms | 2017-09-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to the default URI. | |||||
CVE-2009-4985 | 1 Websitesrus | 1 Accessories Me Php Affiliate Script | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter. | |||||
CVE-2009-4722 | 1 Limny | 1 Limny | 2017-09-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
CVE-2009-4727 | 1 Junglescripts | 1 Ajax Short Url Script | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
CVE-2009-5094 | 1 Cmsfaethon | 1 Cms Faethon | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter. | |||||
CVE-2009-4933 | 1 Winterwebs | 1 Ezwebitor | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4617 | 1 Tourismscripts | 1 Tourism Script Accomodation Hotel Booking Portal Script | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php. | |||||
CVE-2009-4624 | 1 Nicecoder | 1 Idesk | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843. | |||||
CVE-2009-4862 | 1 Abushhab | 1 Alwasel | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php. | |||||
CVE-2009-4667 | 1 Phpmember | 1 Webmember | 2017-09-18 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter. | |||||
CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | |||||
CVE-2009-4721 | 1 Andrews-web | 1 Aw-bannerad | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4891 | 1 Cs-cart | 1 Cs-cart | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action. | |||||
CVE-2009-4687 | 1 Hypersilence | 1 Silentum Guestbook | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter. | |||||
CVE-2009-4870 | 1 Phpcityportal | 1 Phpcityportal | 2017-09-18 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4889 | 2 Basti2web, Php-fusion | 2 Book Panel, Php-fusion | 2017-09-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter. | |||||
CVE-2009-5090 | 1 Daman371 | 1 Bloggeruniverse | 2017-09-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors. |