ReportizFlow
Filtered by vendor
Subscriptions
Total
18750 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0881 | 1 Josema Enzo | 1 Isiajax | 2025-04-09 | N/A |
| SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0730 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726. | ||||
| CVE-2009-2777 | 1 Garagesalesjunkie | 1 Garagesales Script | 2025-04-09 | N/A |
| SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2007-5402 | 1 Layton Technology | 1 Helpbox | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remote authenticated users to execute arbitrary SQL commands via (2) the oldpassword parameter to writepwdenduser.asp, and the sys_request_id parameter to (3) changerequeststatus.asp, (4) editrequestuser.asp, (5) requestcommentsuser.asp, and (6) useractions.asp, different vectors than CVE-2004-2551. | ||||
| CVE-2007-4173 | 1 Hunkaray Okul | 1 Portaly | 2025-04-09 | N/A |
| SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. | ||||
| CVE-2006-7089 | 1 Ban | 1 Ban | 2025-04-09 | N/A |
| SQL injection vulnerability in connexion.php in Ban 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0111 | 1 Goople Cms | 1 Goople Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-1032 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2025-04-09 | N/A |
| SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter. | ||||
| CVE-2008-5777 | 1 Cadenix | 1 Cadenix | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-2789 | 2 Joomla, Permis | 2 Joomla, Com Groups | 2025-04-09 | N/A |
| SQL injection vulnerability in the Permis (com_groups) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2009-2236 | 1 Yourarticlesdirectory | 1 Your Articles Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4430 | 1 Virtuemart | 1 Virtuemart | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a shop.product_details shop.flypage action. | ||||
| CVE-2009-1409 | 1 E107 | 1 E107 | 2025-04-09 | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320. | ||||
| CVE-2008-6952 | 1 Cms.maury91 | 1 Maurycms | 2025-04-09 | N/A |
| SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. | ||||
| CVE-2008-6485 | 1 Softcomplex | 1 Php Image Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter. | ||||
| CVE-2008-6319 | 1 Cfmsource | 1 Cf Calendar | 2025-04-09 | N/A |
| SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | ||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2025-04-09 | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2009-2008 | 1 Dokeos | 1 Dokeos | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector than CVE-2009-2006.2. | ||||
| CVE-2008-4675 | 1 Phpcounter | 1 Phpcounter | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||