ReportizFlow
Filtered by vendor
Subscriptions
Total
18749 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4086 | 1 Source Workshop | 1 Reciprocal Links Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | ||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | ||||
| CVE-2009-1023 | 1 Phpcomasy | 1 Phpcomasy | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | ||||
| CVE-2009-1026 | 1 Kimwebsites | 1 Kim Websites | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2008-6907 | 1 2532gigs | 1 2532gigs | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php. | ||||
| CVE-2008-4154 | 1 Living-e | 1 Webedition Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter. | ||||
| CVE-2007-0642 | 1 Rbl | 1 Tforum | 2025-04-09 | N/A |
| SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp. | ||||
| CVE-2008-4371 | 1 Availscript | 1 Availscript Article Script | 2025-04-09 | N/A |
| SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter. | ||||
| CVE-2008-4376 | 1 Livetvscript | 1 Live Tv Script | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2008-2817 | 1 Nitropowered | 1 Nitro Web Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action. | ||||
| CVE-2006-6367 | 1 Duware | 3 Dudownload, Dunews, Dupaypal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976. | ||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | ||||
| CVE-2008-2902 | 1 Alstrasoft | 1 Askme Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085. | ||||
| CVE-2008-2916 | 1 Preprojects | 1 Pre Ads Portal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. | ||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0963 | 1 Xlinesoft | 1 Phprunner | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php, (2) orders_list.php, (3) users_list.php, and (4) Administrator_list.php. | ||||
| CVE-2008-6180 | 1 Newlife Blogger | 1 Newlife Blogger | 2025-04-09 | N/A |
| SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie. | ||||
| CVE-2009-0326 | 1 Dark Age Cms | 1 Dark Age Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2898 | 1 2z Project | 1 2z Project | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php. | ||||
| CVE-2008-2746 | 1 Gryphon | 1 Gllcts2 | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter. | ||||