ReportizFlow
Filtered by vendor
Subscriptions
Total
18769 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6466 | 1 Freewebshop | 1 Freewebshop | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action. NOTE: it was later reported that MOG - Web Shop (MOG-WebShop), a product based on the same code, is also affected. | ||||
| CVE-2008-2688 | 1 Pilotcart | 1 Pilot Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action. | ||||
| CVE-2009-0332 | 1 Avbooklibrary | 1 Avbooklibrary | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components. | ||||
| CVE-2008-0810 | 2 Joomla, Mambo | 2 Com Scheduling Component, Com Scheduling Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4581 | 1 Wbb2-addon | 1 Acrotxt | 2025-04-09 | N/A |
| SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 allows remote attackers to execute arbitrary SQL commands via the show parameter. | ||||
| CVE-2008-6853 | 1 Netcat | 1 Netcat | 2025-04-09 | N/A |
| SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter. | ||||
| CVE-2007-6538 | 2 Moodle, Mrbs | 2 Moodle, Mrbs | 2025-04-09 | N/A |
| SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6866 | 1 Php-nuke | 1 Current Issue Module | 2025-04-09 | N/A |
| SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. | ||||
| CVE-2008-4046 | 1 Elitecms | 1 Elitecms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2025-04-09 | N/A |
| SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2025-04-09 | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6583 | 1 1024 Cms | 1 1024 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter. | ||||
| CVE-2007-4922 | 2 Jeuxflash, Kwsphp | 2 Jeuxflash Module, Kwsphp | 2025-04-09 | N/A |
| SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information. | ||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2025-04-09 | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | ||||
| CVE-2008-0256 | 1 Matteo Binda | 1 Asp Photo Gallery | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. | ||||
| CVE-2007-6587 | 1 Plogger | 1 Plogger | 2025-04-09 | N/A |
| SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-3913 | 1 Gforge | 1 Gforge | 2025-04-09 | N/A |
| SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-5165 | 1 Eticket | 1 Eticket | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php. | ||||
| CVE-2007-5187 | 1 Php-fusion | 1 Expanded Calendar Module | 2025-04-09 | N/A |
| SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | ||||