ReportizFlow
Filtered by vendor
Subscriptions
Total
18732 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1838 | 1 Bosdev | 1 Bosclassifieds Ads Systems | 2025-04-09 | N/A |
| SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. | ||||
| CVE-2008-3070 | 1 Mybb | 1 Mybb | 2025-04-09 | N/A |
| Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection. | ||||
| CVE-2008-2875 | 1 Webdevindo-cms | 1 Webdevindo-cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. | ||||
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-0670 | 1 Joomla | 1 Com Noticias | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | ||||
| CVE-2008-1895 | 1 Carboncommunities | 1 Carbon Communities | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action. | ||||
| CVE-2009-3712 | 1 Ebayclonescript | 1 Ebay Clone | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php. | ||||
| CVE-2009-3718 | 1 Davethewebguy | 1 Battle Blog | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter. | ||||
| CVE-2008-1913 | 1 Lasernet Cms | 1 Lasernet Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action. | ||||
| CVE-2008-0733 | 1 Cs Team | 1 Counter Strike Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page. | ||||
| CVE-2008-0737 | 1 Shoppingtree | 1 Candypress Store | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter. | ||||
| CVE-2008-0744 | 1 Preprojects.com | 1 Pre Hotels \& Resorts Management System | 2025-04-09 | N/A |
| SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management System allows remote attackers to execute arbitrary SQL commands via the login page. | ||||
| CVE-2008-0753 | 1 Vwar | 1 Virtual War | 2025-04-09 | N/A |
| SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter. | ||||
| CVE-2008-1954 | 1 Webcalendar | 1 Web Calendar Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2009-0281 | 1 Warhound | 1 Walking Club | 2025-04-09 | N/A |
| SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2009-3750 | 1 Santostefano Giovanni | 1 Toylog | 2025-04-09 | N/A |
| SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter. | ||||
| CVE-2009-0339 | 1 Dmxready | 1 Blog Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action. | ||||
| CVE-2009-0705 | 1 Powerscripts | 1 Powernews | 2025-04-09 | N/A |
| SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | ||||
| CVE-2007-2997 | 1 Salescart | 1 Shopping Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in SalesCart Shopping Cart allow remote attackers to execute arbitrary SQL commands via the password field and other unspecified vectors. NOTE: the vendor disputes this issue, stating "We were able to reproduce this sql injection on an old out-of-date demo on the website but not on the released product. | ||||