Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2819 | 1 Blognplus | 1 Blognplus | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2775 | 1 Dt Centrepiece | 1 Dt Centrepiece | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2767 | 1 Xigla | 1 Absolute Poll Manager Xe | 2017-08-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-2765 | 1 Xigla | 1 Absolute Image Gallery Xe | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | |||||
| CVE-2008-2763 | 1 Xigla | 1 Absolute Live Support Xe | 2017-08-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-2762 | 1 Xigla | 1 Absolute Form Processor Xe | 2017-08-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-2760 | 1 Xigla | 1 Absolute Banner Manager | 2017-08-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-2757 | 1 Xigla | 1 Absolute News Manager Xe | 2017-08-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-2685 | 1 Battleblog | 1 Battleblog | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626. | |||||
| CVE-2008-2523 | 1 Raknet | 1 Autopatcher Server | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2498 | 1 Mambo-foundation | 1 Mambo | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2489 | 1 Typo3 | 1 Sg Zfelib | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input." | |||||
| CVE-2008-2425 | 1 Fichive | 1 Fichive | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2422 | 1 Webslider | 1 Webslider | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2412 | 1 Acgv.free | 1 Acgv News | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2381 | 1 Gforge | 1 Gforge | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable. | |||||
| CVE-2008-2380 | 1 Courier-mta | 1 Courtier-authlib | 2017-08-08 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes. | |||||
| CVE-2008-2334 | 1 Aspindir | 1 Philboard | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2231 | 1 Slashcode.com | 1 Slash | 2017-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to execute SQL commands and read table information via the id parameter. | |||||
| CVE-2008-2184 | 1 Toocharger | 1 Smartblog | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||