Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6120 | 1 Socialengine | 1 Socialengine | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the comment_secure parameter. | |||||
| CVE-2009-0326 | 1 Dark Age Cms | 1 Dark Age Cms | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0332 | 1 Avbooklibrary | 1 Avbooklibrary | 2017-08-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components. | |||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-0402 | 1 Gplhost | 1 Domain Technologie Control | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters. | |||||
| CVE-2008-4431 | 1 Icebb | 1 Icebb | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | |||||
| CVE-2008-3672 | 1 Pozscripts | 1 Classified Ads | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3673. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3682 | 1 Ypninc | 1 Php Realty | 2017-08-07 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter. | |||||
| CVE-2008-3701 | 1 Kayako | 1 Supportsuite | 2017-08-07 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action. | |||||
| CVE-2008-3722 | 1 Fipsasp | 1 Fipscms | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3724 | 1 Papoo | 1 Papoo | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter. | |||||
| CVE-2008-3752 | 1 Yourfreeworld | 1 Ad-exchange Script | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3753 | 1 Yourfreeworld | 1 Programs Rating Script | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.php in YourFreeWorld Programs Rating Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3774 | 1 Simasy | 1 Simasy Cms | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4303 | 1 Php-collab | 1 Php-collab | 2017-08-07 | 6.8 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors. | |||||
| CVE-2008-3887 | 1 Dotproject | 1 Dotproject | 2017-08-07 | 6.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the tab parameter in a projects action, and (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in a viewuser action. | |||||
| CVE-2008-3918 | 1 Ovidentia | 1 Ovidentia | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3942 | 1 Ozsari | 1 Full Php Emlak Script | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4046 | 1 Elitecms | 1 Elitecms | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-4459 | 1 Extrovert Software | 1 Thyme | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information. | |||||