ReportizFlow
Filtered by vendor
Subscriptions
Total
18769 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6332 | 1 Simplecustomer | 1 Simple Customer | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2008-6689 | 2 Kevin Renskers, Typo3 | 2 Dmmjobcontrol, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-2461 | 1 Netious | 1 Netious Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047. | ||||
| CVE-2008-1632 | 1 Emedia Office Gmbh | 1 Cuteflow | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) listid parameter to pages/editmailinglist_step1.php, the (2) userid parameter to pages/edituser.php, the (3) fieldid parameter to pages/editfield.php, and the (4) templateid to pages/edittemplate_step1.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4991 | 1 Ec-cube | 1 Ec-cube | 2025-04-09 | N/A |
| SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and earlier, 1.4.7 and earlier, and 1.5.0-beta2 and earlier; and Community Edition 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the parameter. | ||||
| CVE-2009-2579 | 1 Cs-cart | 1 Cs-cart | 2025-04-09 | N/A |
| SQL injection vulnerability in reward_points.post.php in the Reward points addon in CS-Cart before 2.0.6 allows remote authenticated users to execute arbitrary SQL commands via the sort_order parameter in a reward_points.userlog action to index.php, a different vulnerability than CVE-2005-4429.2. | ||||
| CVE-2008-6371 | 1 Ocean12tech | 1 Membership Manager Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). | ||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2025-04-09 | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-3387 | 1 Phpfootball | 1 Phpfootball | 2025-04-09 | N/A |
| SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter. | ||||
| CVE-2008-6780 | 1 Scripts-for-sites | 1 Ez Affiliate | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-4895 | 1 Yourfreeworld | 1 Downline Builder Script | 2025-04-09 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3246 | 1 Mybuxscript | 1 Pts-bux | 2025-04-09 | N/A |
| SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-4540 | 1 Olate | 1 Olatedownload | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote attackers to execute arbitrary SQL commands via the (1) HTTP_REFERER or (2) HTTP_USER_AGENT HTTP header. | ||||
| CVE-2008-5988 | 1 Jadu | 1 Jadu Cms For Government | 2025-04-09 | N/A |
| SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5797 | 1 Typo3 | 2 Advcalendar Extension, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-3256 | 1 Siteframe | 2 Siteframe Beaumont, Siteframe Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5800 | 1 Typo3 | 2 Fsmi People, Wir Ber Uns Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2025-04-09 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2008-6029 | 1 Buzzywall | 1 Buzzywall | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-6409 | 1 Brian Wilson | 1 Ol\'bookmarks | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action. | ||||