Total
16283 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3806 | 1 Dedecms | 1 Dedecms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter. | |||||
| CVE-2008-5496 | 1 Pozscripts | 1 Business Directory Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2007-4845 | 1 Rwscripts.com | 1 Rw Download Lite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter. | |||||
| CVE-2007-0582 | 1 Chernobile | 1 Chernobile | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field. | |||||
| CVE-2008-2914 | 1 Preprojects | 1 Php Jobwebsite Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6128 | 1 Flor De Utopia | 1 Workingonweb | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter. | |||||
| CVE-2008-5927 | 1 China-on-site | 1 Flexphpnews | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1122 | 1 Dream4 | 1 Koobi Pro | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0. | |||||
| CVE-2008-6124 | 2 Debian, Moodle | 2 Debian Linux, Moodle | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt. | |||||
| CVE-2008-6327 | 1 Manzovi | 1 Proquiz | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. | |||||
| CVE-2008-5488 | 1 E-topbiz | 1 Domain Shop | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter. | |||||
| CVE-2008-0881 | 1 Phpnuke | 1 Okul Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action. | |||||
| CVE-2007-5180 | 1 Ohesa Emlak Portali | 1 Ohesa Emlak Portali | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp. | |||||
| CVE-2009-2361 | 1 Osticket | 1 Osticket | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter. | |||||
| CVE-2007-6647 | 1 W-agora | 1 W-agora | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2009-2777 | 1 Garagesalesjunkie | 1 Garagesales Script | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||
| CVE-2009-4045 | 1 Frontaccounting | 1 Frontaccounting | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to various .inc and .php files in (1) reporting/, (2) sales/, (3) sales/includes/, (4) sales/includes/db/, (5) sales/inquiry/, (6) sales/manage/, (7) sales/view/, (8) taxes/, and (9) taxes/db/. | |||||
| CVE-2008-3346 | 1 E-topbiz | 1 Shopcart Dx | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2007-5679 | 1 Deeemm | 1 Dmcms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected. | |||||
| CVE-2008-6019 | 1 Do-cms | 1 Do-cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||