Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2394 | 1 Tagworx | 1 Tagworx Cms | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php. | ||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2024-11-21 | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2384 | 3 Apache, Joey Schulze, Redhat | 3 Http Server, Mod Auth Mysql, Enterprise Linux | 2024-11-21 | N/A |
| SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. | ||||
| CVE-2008-2381 | 1 Gforge | 1 Gforge | 2024-11-21 | N/A |
| SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable. | ||||
| CVE-2008-2380 | 1 Courier-mta | 1 Courtier-authlib | 2024-11-21 | N/A |
| SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes. | ||||
| CVE-2008-2356 | 1 Archangelmgt | 1 Archangel Weblog | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter. | ||||
| CVE-2008-2351 | 1 Webmanager-pro | 1 Cms Webmanager-pro | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters. | ||||
| CVE-2008-2340 | 1 News Manager | 1 News Manager | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | ||||
| CVE-2008-2339 | 1 Turnkeywebtools | 1 Sunshop Shopping Cart | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549. | ||||
| CVE-2008-2337 | 1 Imgallery | 1 Imgallery | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163. | ||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2024-11-21 | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-2334 | 1 Aspindir | 1 Philboard | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2301 | 1 Phpway | 1 Kostenloses Linkmanagementscript | 2024-11-21 | N/A |
| SQL injection vulnerability in Kostenloses Linkmanagementscript allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) top_view.php. | ||||
| CVE-2008-2286 | 1 Symantec | 1 Altiris Deployment Solution | 2024-11-21 | N/A |
| SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet. | ||||
| CVE-2008-2278 | 1 Freelanceauction | 1 Freelance Auction Script | 2024-11-21 | N/A |
| SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action. | ||||
| CVE-2008-2277 | 1 Cmsnx | 1 Feedback And Rating Script | 2024-11-21 | N/A |
| SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | ||||
| CVE-2008-2265 | 1 Emophp | 1 Emo Realty Manager | 2024-11-21 | N/A |
| SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the ida parameter. | ||||
| CVE-2008-2263 | 1 Cmsnx | 1 Automated Link Exchange Portal | 2024-11-21 | N/A |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. | ||||
| CVE-2008-2231 | 1 Slashcode.com | 1 Slash | 2024-11-21 | N/A |
| SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to execute SQL commands and read table information via the id parameter. | ||||
| CVE-2008-2225 | 1 Gamecms | 1 Gamecms Lite | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter. | ||||