ReportizFlow
Filtered by vendor
Subscriptions
Total
18769 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5781 | 1 Cfagcms | 1 Cfagcms | 2025-04-09 | N/A |
| SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter. | ||||
| CVE-2009-4474 | 2 Mambo-foundation, Mikedeboer | 2 Mambo, Com Zoom | 2025-04-09 | N/A |
| SQL injection vulnerability in the Mike de Boer zoom (com_zoom) component 2.0 for Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-6134 | 1 Drupal | 2 Drupal, Everyblog | 2025-04-09 | N/A |
| SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6487 | 1 Digiappz | 1 Digiaffiliate | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields. | ||||
| CVE-2008-0681 | 1 Phpshop | 1 Phpshop | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. | ||||
| CVE-2008-4701 | 1 Liberiacms | 1 Liberia Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5820 | 1 Edreamers | 1 Ednews | 2025-04-09 | N/A |
| SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||
| CVE-2008-0683 | 1 Wordpress | 1 St Newsletter Plugin | 2025-04-09 | N/A |
| SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | ||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2025-04-09 | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | ||||
| CVE-2009-2427 | 1 Jobbr | 1 Jobbr | 2025-04-09 | N/A |
| SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter. | ||||
| CVE-2008-5838 | 1 Ephpscripts | 1 E-shop Shopping Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0297 | 1 Clicktech | 1 Clickauction | 2025-04-09 | N/A |
| SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4386 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2025-04-09 | N/A |
| SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors. | ||||
| CVE-2008-6038 | 1 Mapcal | 1 Mapcal | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php. | ||||
| CVE-2009-4564 | 1 Zenphoto | 1 Zenphoto | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/. | ||||
| CVE-2008-0678 | 1 Blogphp | 1 Blogphp | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. | ||||
| CVE-2008-3489 | 1 Phpx | 1 Phpx | 2025-04-09 | N/A |
| SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie. | ||||
| CVE-2008-2632 | 1 Joomla | 2 Com Acctexp, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | ||||
| CVE-2007-3539 | 1 Qt-cute | 2 Quicktalk Forum, Quickticket | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in QuickTicket 1.2 build:20070621 and QuickTalk Forum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) t and (2) f parameters in (a) qti_ind_post.php and (b) qti_ind_post_prt.php; (3) dir and (4) order parameters in qti_ind_member.php; (5) id parameter in qti_usr.php; and the (6) f parameter in qti_ind_topic.php. NOTE: it was later reported that vector 5 also affects 1.4, 1.5, and 1.5.0.3. | ||||
| CVE-2008-1460 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Com Joovideo, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||