Total
16374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2890 | 1 Offl | 1 Online Fantasy Football League | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php. | |||||
CVE-2008-2556 | 1 Hessel Brouwer | 1 Php Visit Counter | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action. | |||||
CVE-2008-3725 | 1 Yourfreeworld | 1 Ad Board Script | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2007-0642 | 1 Rbl | 1 Tforum | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp. | |||||
CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | |||||
CVE-2008-3768 | 1 Turnkeywebtools | 1 Sunshop Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_email function, and other vectors. | |||||
CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
CVE-2008-6873 | 1 Activewebsoftwares | 1 Active Web Mail | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx. | |||||
CVE-2008-6156 | 1 Formfields | 1 Adman | 2025-04-09 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 allows remote authenticated users to execute arbitrary SQL commands via the campaignId parameter. | |||||
CVE-2009-4296 | 2 Brian Miller, Drupal | 2 Taxonomy Timer, Drupal | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-4786 | 1 E107 | 2 E107, Easyshop Plugin | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
CVE-2009-4591 | 1 Secureideas | 1 Base | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2008-1462 | 1 Runcms | 1 Runcms | 2025-04-09 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in the sections (Section) module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action. | |||||
CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-3762 | 1 Turnkeywebtools | 1 Php Live Helper | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php. | |||||
CVE-2008-1496 | 1 Peel | 1 Peel | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php. | |||||
CVE-2007-4778 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777. | |||||
CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2007-6557 | 1 Megacheatz | 1 Megacheatz | 2025-04-09 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary SQL commands via the ItemID parameter to (1) comments.php, (2) view.php, (3) siteadmin/ViewItem.php, and unspecified other vectors. |