Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4027 | 1 Simplemedia | 1 Simplebbs | 2008-09-20 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters. | |||||
| CVE-2008-4055 | 1 Texmedia | 1 Million Pixel Script | 2008-09-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. | |||||
| CVE-2008-3754 | 1 Yourfreeworld | 1 Stylish Text Ads Script | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3590 | 1 Egi Zaberl | 1 E.z. Poll | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2858 | 1 Webchamado | 1 Webchamado | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1341 | 1 Lagarde | 1 Storefront | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1065 | 1 Xoops | 1 Xm Memberstats | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0937 | 2 Tinyevent, Xoops | 2 Tinyevent, Tiny Event Module | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811. | |||||
| CVE-2008-0936 | 1 Xoops | 1 Prayer List Module | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | |||||
| CVE-2008-0846 | 2 Joomla, Mambo | 2 Com Profile, Com Profile | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | |||||
| CVE-2008-0685 | 1 Itechscripts | 1 Itechclassifieds | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | |||||
| CVE-2008-0651 | 1 Pedro Santana Codice | 1 Cms | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0650 | 1 Simple Os Cms | 1 Simple Os Cms | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6484 | 1 Phprpg | 1 Phprpg | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6469 | 1 Phprpg | 1 Phprpg | 2008-09-05 | 9.3 HIGH | N/A |
| SQL injection vulnerability in index.php in phpRPG 0.8, when magic_qutoes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6380 | 1 E-xoops | 1 E-xoops | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections/ratefile.php, and (e) myalbum/ratephoto.php in modules/; the (2) bid parameter to (f) modules/banners/click.php; and the (3) gid parameter to (g) modules/arcade/index.php in a show_stats and play_game action, related issues to CVE-2007-5104 and CVE-2007-6266. | |||||
| CVE-2007-6032 | 1 Aleris | 1 Web Publishing Server | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter. | |||||
| CVE-2004-2754 | 1 Yabb | 1 Yabb Se | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions. | |||||
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2003-1244 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | |||||