Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3715 | 1 Maniacomputer | 1 Mcshoutbox | 2017-09-18 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2009-3718 | 1 Davethewebguy | 1 Battle Blog | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter. | |||||
| CVE-2009-3750 | 1 Santostefano Giovanni | 1 Toylog | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter. | |||||
| CVE-2009-3752 | 1 Opial | 1 Opial | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter. | |||||
| CVE-2009-3754 | 1 Kreotek | 1 Phpbms | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to modules/bms/invoices_discount_ajax.php, (2) f parameter to dbgraphic.php, and (3) tid parameter in a show action to advancedsearch.php. | |||||
| CVE-2009-3758 | 1 Citrix | 1 Xencenterweb | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | |||||
| CVE-2009-4198 | 1 Cupidsystems | 1 Myminibill | 2017-09-18 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in my_orders.php in MyMiniBill allows remote authenticated users to execute arbitrary SQL commands via the orderid parameter in a status action. | |||||
| CVE-2009-4200 | 2 Joomla, Vollmar | 2 Joomla\!, Com Seminar | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php. | |||||
| CVE-2009-4477 | 1 Xstate | 1 Real Estate | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2009-4199 | 3 Joomla, Mambo-foundation, Mamboforge | 3 Joomla\!, Mambo, Com Mosres | 2017-09-18 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. | |||||
| CVE-2009-4474 | 2 Mambo-foundation, Mikedeboer | 2 Mambo, Com Zoom | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mike de Boer zoom (com_zoom) component 2.0 for Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||
| CVE-2009-4564 | 1 Zenphoto | 1 Zenphoto | 2017-09-18 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/. | |||||
| CVE-2009-3972 | 2 Joomla, Qproje | 2 Joomla\!, Com Siirler | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. | |||||
| CVE-2009-4560 | 1 Worms-league | 1 Webleague | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2009-4203 | 1 Arabportal | 1 Arab Portal | 2017-09-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/. | |||||
| CVE-2009-4204 | 1 Ringsworld | 1 Flashlight Free Edition | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4540 | 1 Bpowerhouse | 1 Mini Cms | 2017-09-18 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-4550 | 2 Joomla, Kunena | 2 Joomla\!, Kunena Forum | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | |||||
| CVE-2009-4615 | 1 Myrephp | 1 Myre Holiday Rental Manager | 2017-09-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in review.php in MYRE Holiday Rental Manager allows remote attackers to execute arbitrary SQL commands via the link_id parameter in a show_review action. | |||||