ReportizFlow
Filtered by vendor
Subscriptions
Total
18749 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6721 | 1 Ajsquare | 1 Aj Article | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). | ||||
| CVE-2008-6179 | 1 Indexscript | 1 Indexscript | 2025-04-09 | N/A |
| SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter, a different vector than CVE-2007-4069. | ||||
| CVE-2008-2647 | 1 Mebiblio | 1 Mebiblio | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter. | ||||
| CVE-2007-5646 | 1 Simple Machines | 1 Simple Machines Forum | 2025-04-09 | N/A |
| SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php. | ||||
| CVE-2008-6782 | 1 Scripts-for-sites | 1 Ez Hosting Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-6783 | 1 Scripts-for-sites | 1 Ez Home Business Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-6798 | 1 Preprojects | 1 Pre Real Estate Listings | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field). | ||||
| CVE-2008-3191 | 1 Marcioforum | 1 Mforum | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action. | ||||
| CVE-2008-6802 | 1 Phpexplorer | 1 Phphotogallery | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6127 | 1 Project Alumni | 1 Project Alumni | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. | ||||
| CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2025-04-09 | N/A |
| SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1789 | 1 Prozilla | 1 Forum | 2025-04-09 | N/A |
| SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2008-6693 | 2 Sebastian Baumann, Typo3 | 2 Sb Downloader, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-3206 | 1 Iamilkay | 1 Yuhhu Pubs Black Cat | 2025-04-09 | N/A |
| SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2007-6078 | 1 Skyportal | 1 Skyportal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action. | ||||
| CVE-2008-4335 | 1 Atomic Photo Album | 1 Atomic Photo Album | 2025-04-09 | N/A |
| SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter. | ||||
| CVE-2008-3945 | 1 Source Workshop | 1 Words Tag Script | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Words tag 1.2 allows remote attackers to execute arbitrary SQL commands via the word parameter in a claim action. | ||||
| CVE-2007-6575 | 1 Brand039 | 1 Mmslamp | 2025-04-09 | N/A |
| SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action. | ||||
| CVE-2009-2436 | 1 Phponlinedatingsoftware | 1 Myphpdating | 2025-04-09 | N/A |
| SQL injection vulnerability in page.php in Online Dating Software MyPHPDating 1.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2007-6394 | 1 P3mbo | 1 Content Injector | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Content Injector 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter in an expand action. | ||||