Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3500 | 1 Bpowerhouse | 1 Bpgames | 2009-09-30 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. | |||||
| CVE-2009-3502 | 1 Bpowerhouse | 1 Bpmusic | 2009-09-30 | 7.5 HIGH | N/A |
| SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. | |||||
| CVE-2009-3503 | 1 Bpowerhouse | 1 Bpholidaylettings | 2009-09-30 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. | |||||
| CVE-2009-3504 | 1 Alibabaclone | 1 Alibaba Clone | 2009-09-30 | 7.5 HIGH | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3443 | 2 Fastballproductions, Joomla | 2 Com Fastball, Joomla | 2009-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php. | |||||
| CVE-2009-3226 | 1 Almondsoft | 2 Affiliate Network Classifieds, Almond Classifieds | 2009-09-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3125 | 1 Mozilla | 1 Bugzilla | 2009-09-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | |||||
| CVE-2009-3165 | 1 Mozilla | 1 Bugzilla | 2009-09-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | |||||
| CVE-2009-3184 | 1 Grapari | 1 E-gold Game Series\ | 2009-09-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the (1) x and (2) y parameters. | |||||
| CVE-2009-3118 | 1 Danneo | 1 Cms | 2009-09-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | |||||
| CVE-2009-3119 | 2 Php-fusion, X-iweb.ru | 2 Php-fusion, Download System Msf | 2009-09-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | |||||
| CVE-2009-3082 | 1 Snowhall | 1 Silurus System | 2009-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-3059 | 1 Allpublication | 1 Jboard | 2009-09-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php. | |||||
| CVE-2009-3061 | 1 Alqa6ari | 1 Script Q R | 2009-09-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6275 | 1 Bcoos | 1 Bcoos | 2009-09-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266. | |||||
| CVE-2008-7120 | 1 Mrcgiguy | 1 Hot Links Sql-php | 2009-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter. | |||||
| CVE-2009-2915 | 1 2fly | 1 Gift Delivery System | 2009-08-21 | 7.5 HIGH | N/A |
| SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action. | |||||
| CVE-2009-2144 | 3 Edgewall, Firestats, Wordpress | 3 Firestats, Firestats, Wordpress | 2009-08-20 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-0738 | 1 Shoppingtree | 1 Candypress Store | 2009-08-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0739 | 1 Shoppingtree | 1 Candypress Store | 2009-08-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter. | |||||