Total
16375 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6258 | 1 Quadcomm | 1 Q-shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | |||||
| CVE-2008-3345 | 1 Myiosoft | 1 Easye-cards | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action. | |||||
| CVE-2007-0794 | 1 Globalmegacorp | 1 Dvddb | 2025-04-09 | 7.5 HIGH | N/A |
| ** DISPUTED ** SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions. | |||||
| CVE-2008-6434 | 1 Blueriver | 1 Sava Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter. | |||||
| CVE-2008-6237 | 1 Scripts-for-sites | 1 Hotscripts-like Site | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2402 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355. | |||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | |||||
| CVE-2009-1909 | 1 Openskip | 1 Skip | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4901 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2006-7025 | 1 Sangwan Kim | 1 Bookmark4u | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter. | |||||
| CVE-2009-3224 | 2 68classifieds, Classified-software | 2 68 Classifieds, Super Mod System | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2009-4058 | 1 Telebidauctionscript | 1 Telebid Auction Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter. | |||||
| CVE-2009-2359 | 1 Yasinkaplan | 1 Tekradius | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow context-dependent attackers to execute arbitrary SQL commands via (1) the GUI client, as demonstrated by input to the Browse Users text box in the Users tab; or (2) the command-line client, as demonstrated by a certain trcli -r command. | |||||
| CVE-2008-6029 | 1 Buzzywall | 1 Buzzywall | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-0714 | 1 Mihalism | 1 Multi Host | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action. | |||||
| CVE-2008-4090 | 1 Couponscript | 1 Coupon Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672. | |||||
| CVE-2008-6268 | 1 Sadi Samami | 1 Multi Languages Webshop Online | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-1814 | 1 Jevontech | 1 Phpenpals | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074. | |||||
| CVE-2008-2760 | 1 Xigla | 1 Absolute Banner Manager | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | |||||
| CVE-2008-5634 | 1 Activewebsoftwares | 1 Active Force Matrix | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information. | |||||