ReportizFlow
Filtered by vendor
Subscriptions
Total
18749 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4633 | 1 Drupal | 2 Drupal, Node Clone | 2025-04-09 | N/A |
| SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote." | ||||
| CVE-2008-5289 | 1 Scripts4you | 1 Clean Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5294 | 1 Bdigital Web Solutions | 1 Webstudio Ecatalogue | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | ||||
| CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2025-04-09 | N/A |
| SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2009-1751 | 1 Realtywebware | 1 Realty Web-base | 2025-04-09 | N/A |
| SQL injection vulnerability in list_list.php in Realty Webware Technologies Web-Base 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5310 | 1 Netart Media | 1 Car Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in image.php in NetArt Media Car Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3189 | 1 Dreamlevels | 1 Dreamnews Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6392 | 1 1scripts | 1 Z1exchange | 2025-04-09 | N/A |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0409 | 1 Mzbservices | 1 Max.blog | 2025-04-09 | N/A |
| SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-1297 | 3 Ewriting, Joomla, Mambo | 3 Ewriting, Com Ewriting, Com Ewriting | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | ||||
| CVE-2009-2609 | 2 Amotools, Joomla | 2 Com Amocourse, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| CVE-2008-6257 | 1 Openasp | 1 Openasp | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module. | ||||
| CVE-2008-6026 | 1 Bluecube | 1 Bluecube Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6275 | 1 Bcoos | 1 Bcoos | 2025-04-09 | N/A |
| SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266. | ||||
| CVE-2008-0421 | 1 Invision Power Services | 1 Invision Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in a rate command. | ||||
| CVE-2007-6338 | 1 Trivantis | 1 Coursemill Enterprise Learning Management System | 2025-04-09 | N/A |
| SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1936 | 1 Classifieds Caffe | 1 Classifieds Caffe | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Classifieds Caffe allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an add action. NOTE: this issue might be site-specific. | ||||
| CVE-2007-6362 | 1 Joomla | 1 Rs Gallery2 | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action. | ||||
| CVE-2007-6366 | 1 Sinecms | 1 Sinecms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_adm.php in a (2) Guestbook modifica or (3) Calendar modify action; or the (4) mese or (5) anno parameter to admin/mods_adm.php in a Calendar action. NOTE: the component for vectors 2 through 5 might be limited to administrators. | ||||
| CVE-2007-1962 | 1 Xoops | 2 Wf-snippets, Xoops | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | ||||