ReportizFlow
Filtered by vendor
Subscriptions
Total
18732 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | ||||
| CVE-2008-6794 | 1 Sfs Ez Pub | 1 Fsf Ex Pub | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-2997 | 1 Salescart | 1 Shopping Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in SalesCart Shopping Cart allow remote attackers to execute arbitrary SQL commands via the password field and other unspecified vectors. NOTE: the vendor disputes this issue, stating "We were able to reproduce this sql injection on an old out-of-date demo on the website but not on the released product. | ||||
| CVE-2008-2536 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2025-04-09 | N/A |
| SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter. | ||||
| CVE-2008-2529 | 1 Advanced Links Management | 1 Advanced Links Management | 2025-04-09 | N/A |
| SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter. | ||||
| CVE-2008-6197 | 1 Kwsphp | 2 Galerie Module, Kwsphp | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote attackers to execute arbitrary SQL commands via the id_gal parameter in a gal action. | ||||
| CVE-2008-6225 | 1 Mole-group | 1 Airline Ticket Sale Script | 2025-04-09 | N/A |
| SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist. | ||||
| CVE-2008-6226 | 1 Preproject | 1 Php Auto Listings Script | 2025-04-09 | N/A |
| SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter. | ||||
| CVE-2009-4199 | 3 Joomla, Mambo-foundation, Mamboforge | 3 Joomla\!, Mambo, Com Mosres | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. | ||||
| CVE-2008-1341 | 1 Lagarde | 1 Storefront | 2025-04-09 | N/A |
| SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4527 | 1 Php-fusion | 1 Recepies Module | 2025-04-09 | N/A |
| SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4498 | 1 Phpautos | 1 Phpautos | 2025-04-09 | N/A |
| SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-4497 | 1 Built2go | 1 Real Estate Listings | 2025-04-09 | N/A |
| SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | ||||
| CVE-2008-4492 | 1 Yourownbux | 1 Yourownbux | 2025-04-09 | N/A |
| SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie. | ||||
| CVE-2008-0142 | 1 Webportal | 1 Webportal Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. | ||||
| CVE-2008-6233 | 1 Fivedollarscripts | 1 Drinks | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter. | ||||
| CVE-2008-0253 | 1 Binn | 1 Sbuilder | 2025-04-09 | N/A |
| SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2008-6372 | 1 Ocean12tech | 1 Faq Manager Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0451 | 1 Pacercms | 1 Pacercms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | ||||
| CVE-2009-4360 | 2 Handcoders, Xoops | 2 Content Module, Xoops | 2025-04-09 | N/A |
| SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||