Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2530 | 1 Quickupcms | 1 Quickupcms | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Concepts & Solutions QuickUpCMS allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter to (a) frontend/news.php, the (2) id parameter to (b) events3.php and (c) videos2.php in frontend/, the (3) y parameter to (d) frontend/events2.php, and the (4) ser parameter to (e) frontend/fotos2.php. | ||||
| CVE-2008-2529 | 1 Advanced Links Management | 1 Advanced Links Management | 2024-11-21 | N/A |
| SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter. | ||||
| CVE-2008-2523 | 1 Raknet | 1 Autopatcher Server | 2024-11-21 | N/A |
| SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2522 | 1 Haudenschilt | 1 Battlenet Clan Script | 2024-11-21 | N/A |
| SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showmember parameter in a members action. | ||||
| CVE-2008-2521 | 1 Yabsoft | 1 Mega File Hosting Script | 2024-11-21 | N/A |
| SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter. | ||||
| CVE-2008-2510 | 1 Wordpress | 1 Upload File Plugin | 2024-11-21 | N/A |
| SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter. | ||||
| CVE-2008-2509 | 1 Excuse Online | 1 Excuse Online | 2024-11-21 | N/A |
| SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter. | ||||
| CVE-2008-2506 | 1 Simpel Side | 1 Weblosning | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) mainid and (2) id parameters to index2.php. | ||||
| CVE-2008-2504 | 1 Simpel Side | 1 Netbutik | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter to product.php. | ||||
| CVE-2008-2501 | 1 Henning Stoverud | 1 Phphotoalbum | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php. | ||||
| CVE-2008-2498 | 1 Mambo-foundation | 1 Mambo | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2492 | 1 Badongo | 1 Campus Bulletin Board | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp. | ||||
| CVE-2008-2491 | 1 Hotscripts | 1 Ablespace | 2024-11-21 | N/A |
| SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-2489 | 1 Typo3 | 1 Sg Zfelib | 2024-11-21 | N/A |
| SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input." | ||||
| CVE-2008-2487 | 1 Maxsite | 1 Maxsite | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action. | ||||
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | ||||
| CVE-2008-2477 | 1 Mx-system | 1 Mxbb Portal | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-2461 | 1 Netious | 1 Netious Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047. | ||||
| CVE-2008-2460 | 1 Vbulletin | 1 Vbulletin | 2024-11-21 | N/A |
| SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action. | ||||