Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2023 | 1 Pd9 Software | 1 Megabbs | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp. | ||||
| CVE-2008-2013 | 1 Pnflashgames | 1 Pnflashgames | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | ||||
| CVE-2008-2012 | 1 Postnuke Software Foundation | 1 Postschedule | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | ||||
| CVE-2008-1990 | 1 Acidcat | 1 Acidcat Cms | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp. | ||||
| CVE-2008-1982 | 1 Wordpress | 2 Wordpress, Wpss | 2024-11-21 | N/A |
| SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter. | ||||
| CVE-2008-1975 | 1 Cogites | 1 E Reserve | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter. | ||||
| CVE-2008-1968 | 1 Cezannesw | 1 Cezanne | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbitrary SQL commands via the FUNID parameter to (1) CFLookup.asp and (2) CznCommon/CznCustomContainer.asp. | ||||
| CVE-2008-1961 | 1 Php Resource | 1 Voice Of Web Allmyguests | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action. | ||||
| CVE-2008-1957 | 1 Easyscripts | 1 Tr Script News | 2024-11-21 | N/A |
| SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode. | ||||
| CVE-2008-1954 | 1 Webcalendar | 1 Web Calendar Pro | 2024-11-21 | N/A |
| SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2008-1939 | 1 Aspindir | 1 Philboard | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920. | ||||
| CVE-2008-1936 | 1 Classifieds Caffe | 1 Classifieds Caffe | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Classifieds Caffe allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an add action. NOTE: this issue might be site-specific. | ||||
| CVE-2008-1935 | 1 Joomla | 1 Joomla | 2024-11-21 | N/A |
| SQL injection vulnerability in the Filiale 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idFiliale parameter. | ||||
| CVE-2008-1934 | 1 Crazy Goomba | 1 Crazy Goomba | 2024-11-21 | N/A |
| SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1921 | 1 5th Avenue Software | 1 5th Avenue Shopping Cart | 2024-11-21 | N/A |
| SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter. | ||||
| CVE-2008-1919 | 1 Yourfreeworld | 1 Apartment Search Script | 2024-11-21 | N/A |
| SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter. | ||||
| CVE-2008-1918 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | N/A |
| SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected. | ||||
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2024-11-21 | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1913 | 1 Lasernet Cms | 1 Lasernet Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action. | ||||
| CVE-2008-1911 | 1 1024 Cms | 1 1024 Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. | ||||