ReportizFlow
Filtered by vendor
Subscriptions
Total
18945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2692 | 1 Joomla | 1 Com Yvcomment | 2026-04-23 | N/A |
| SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php. | ||||
| CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | ||||
| CVE-2008-1404 | 1 Exv2 | 1 Exv2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2008-1425 | 1 Easy-clanpage | 1 Easy-clanpage | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action. | ||||
| CVE-2008-0154 | 1 Evilboard | 1 Evilboard | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter. | ||||
| CVE-2008-7075 | 1 Kalptaru Infotech | 1 Stararticles | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1464 | 1 Gallarific | 1 Gallarific | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) query parameter to (a) search.php; (2) gusername and (3) gpassword parameters to (b) login.php; and the (4) username and (5) password parameters to (c) gadmin/index.php in a signin action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7097 | 1 Qsoft-inc | 1 K-rate | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/functions.php, and (4) unspecified variables in modules/chat.php, as demonstrated via the (a) show parameter in an online action to index.php; (b) PATH_INTO to the room/ handler; (c) image and (d) id parameters in a vote action to index.php; (e) PATH_INFO to the blog/ handler; and (f) id parameter in a blog_edit action to index.php. | ||||
| CVE-2008-7116 | 1 Webidsupport | 1 Webid | 2026-04-23 | N/A |
| SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | ||||
| CVE-2008-0224 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. | ||||
| CVE-2008-7120 | 1 Mrcgiguy | 1 Hot Links Sql-php | 2026-04-23 | N/A |
| SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter. | ||||
| CVE-2009-3595 | 1 Vspanel | 1 Vs Panel | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590. | ||||
| CVE-2008-1486 | 1 Phorum | 1 Phorum | 2026-04-23 | N/A |
| SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search. | ||||
| CVE-2008-6749 | 1 China-on-site | 1 Flexphpdirectory | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters. | ||||
| CVE-2008-6753 | 1 Silverstripe | 1 Silverstripe | 2026-04-23 | N/A |
| SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField. | ||||
| CVE-2008-6777 | 1 Myphp | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667. | ||||
| CVE-2008-6779 | 1 Phpnuke | 2 Php-nuke, Sarkilar Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php. | ||||
| CVE-2008-6787 | 1 Jeremy Powers | 1 Lizardware Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user. | ||||
| CVE-2009-3495 | 1 Vastal | 1 Dvd Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. | ||||
| CVE-2008-6803 | 1 Yigit Aybuga | 1 Dizi Portali | 2026-04-23 | N/A |
| SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||