Total
16284 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6781 | 1 Scripts-for-sites | 1 Ez Gaming Directory | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-3265 | 1 Joomla | 1 Com Dtregister | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php. | |||||
| CVE-2008-3749 | 1 Yourfreeworld | 1 Banner Management Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-0815 | 2 Egitimhost, Joomla | 2 Com Mezun, Com Mezun | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task. | |||||
| CVE-2008-5859 | 1 Constructr | 1 Constructr-cms | 2025-04-09 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter. | |||||
| CVE-2007-6342 | 1 David Castro | 1 Apache Authcas | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie. | |||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||||
| CVE-2008-5804 | 1 E-topbiz | 1 Number Links 1 Php Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | |||||
| CVE-2007-1897 | 1 Wordpress | 1 Wordpress | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable. | |||||
| CVE-2009-3659 | 1 Stanback | 1 Bs Counter | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2008-6076 | 2 Jlleblanc, Joomla | 2 Com Dailymessage, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | |||||
| CVE-2008-3590 | 1 Egi Zaberl | 1 E.z. Poll | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2883 | 1 Arabless | 1 Saphplesson | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php. | |||||
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | |||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | |||||
| CVE-2009-3193 | 2 Joomla, Uwix | 2 Joomla, Com Digifolio | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | |||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4603 | 1 Igaming | 1 Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action. | |||||
| CVE-2007-2111 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities. | |||||