ReportizFlow
Filtered by vendor
Subscriptions
Total
19011 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1341 | 1 Lagarde | 1 Storefront | 2026-04-23 | N/A |
| SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2429 | 1 Calendarix | 1 Basic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap CVE-2005-1865.2. | ||||
| CVE-2007-3937 | 1 A-shop | 1 A-shop | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-1430 | 1 Iatek | 1 Aspapp | 2026-04-23 | N/A |
| SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter. | ||||
| CVE-2008-0383 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php. | ||||
| CVE-2008-0487 | 1 The Net Guys | 1 Aspired2protect | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4715 | 1 Jpad Project | 1 Jpad | 2026-04-23 | N/A |
| SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | ||||
| CVE-2007-3909 | 1 Bandersnatch | 1 Bandersnatch | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors. | ||||
| CVE-2007-1171 | 1 Nukescripts | 1 Nukesentinel | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie. | ||||
| CVE-2008-4782 | 1 Aiocp | 1 Aiocp | 2026-04-23 | N/A |
| SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter. | ||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2026-04-23 | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5954 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2026-04-23 | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4887 | 1 Netrisk | 1 Netrisk | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2130 | 1 Igaming | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1149 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies. | ||||
| CVE-2008-6970 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-23 | N/A |
| SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. | ||||
| CVE-2008-6985 | 1 Zen-cart | 1 Zen Cart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart. | ||||
| CVE-2008-6992 | 1 Greensql | 1 Greensql Firewall | 2026-04-23 | N/A |
| GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL. | ||||
| CVE-2008-7003 | 1 The-rat-cms | 1 The-rat-cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter. | ||||
| CVE-2008-7033 | 2 Galore, Joomla | 2 Com Simpleshop, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | ||||