ReportizFlow
Filtered by vendor
Subscriptions
Total
18748 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3867 | 1 Cce-interact | 1 Interact | 2025-04-09 | N/A |
| SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter. | ||||
| CVE-2009-0406 | 1 Community Cms | 1 Community Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5829 | 1 Aiocp | 1 Aiocp | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) choosed_language parameter to (a) cp_dpage.php, (b) cp_news.php, (c) cp_forum_view.php, (d) cp_edit_user.php, (e) cp_newsletter.php, (f) cp_links.php, (g) cp_contact_us.php, (h) cp_login.php, and (i) cp_codice_fiscale.php in public/code/; (2) news_category parameter to public/code/cp_news.php; (3) nlmsg_nlcatid parameter to public/code/cp_newsletter.php; (4) links_category parameter to public/code/cp_links.php; (5) product_category_id parameter to public/code/cp_show_ec_products.php; (6) order_field parameter to public/code/cp_show_ec_products.php; (7) firstrow parameter to public/code/cp_users_online.php; and (8) orderdir parameter to public/code/cp_links_search.php. | ||||
| CVE-2009-2394 | 2 Mr Saphp Arabic Mobile, Smspages | 2 Messages Library, Smspages | 2025-04-09 | N/A |
| SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | ||||
| CVE-2006-6349 | 1 Pwp Technologies | 1 The Classified Ad System | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the search engine. | ||||
| CVE-2009-2929 | 1 Tgs-cms | 1 Tgs Content Management | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10) default_language, and (11) db_host parameters to cms/index.php; and the (12) cmd, (13) s_dir, (14) minutes, (15) s_mask, (16) test3_mp, (17) test15_file1, (18) submit, (19) brute_method, (20) ftp_server_port, (21) userfile14, (22) subj, (23) mysql_l, (24) action, and (25) userfile1 parameters to cms/frontpage_ception.php. NOTE: some of these parameters may be applicable only in nonstandard versions of the product, and cms/frontpage_ception.php may be cms/frontpage_caption.php in all released versions. | ||||
| CVE-2009-0726 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php. | ||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2025-04-09 | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | ||||
| CVE-2008-5289 | 1 Scripts4you | 1 Clean Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5310 | 1 Netart Media | 1 Car Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in image.php in NetArt Media Car Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6362 | 1 Joomla | 1 Rs Gallery2 | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action. | ||||
| CVE-2008-6202 | 1 Jakob-persson | 1 Cobalt | 2025-04-09 | N/A |
| SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp. | ||||
| CVE-2007-6639 | 1 Iptbb Team | 1 Iptbb | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. | ||||
| CVE-2008-5490 | 1 Phpstore | 1 Yahoo Answers | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5494 | 2 Digitalgreys, Joomla | 2 Com Contactinfo, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-5838 | 1 Ephpscripts | 1 E-shop Shopping Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-09 | 9.8 Critical |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2008-5940 | 1 Modxcms | 1 Modxcms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1799 | 1 Sebastian-thiele | 1 St-gallery | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php. | ||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | ||||