Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1909 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2024-11-21 | N/A |
| SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-1907 | 1 Cpcommerce | 1 Cpcommerce | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and CVE-2007-2890. | ||||
| CVE-2008-1895 | 1 Carboncommunities | 1 Carbon Communities | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action. | ||||
| CVE-2008-1890 | 2 Azrul, Joomla | 2 Jom Comment, Joomla | 2024-11-21 | N/A |
| SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1889 | 1 Xplodphp | 1 Autotutorials | 2024-11-21 | N/A |
| SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1875 | 1 Terong | 1 Advanced Web Photo Gallery | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter. | ||||
| CVE-2008-1874 | 1 Xpoze | 1 Xpoze Pro | 2024-11-21 | N/A |
| SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter. | ||||
| CVE-2008-1872 | 1 Comdev | 1 Comdev News Publisher | 2024-11-21 | N/A |
| SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1871 | 1 Scriptsagent | 1 Links Directory | 2024-11-21 | N/A |
| SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-1870 | 1 Geek247 | 1 Pigmy-sql | 2024-11-21 | N/A |
| SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1869 | 1 Site Sift Media | 1 Site Sift Listings | 2024-11-21 | N/A |
| SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific. | ||||
| CVE-2008-1867 | 1 Pixel Motion | 1 Pixel Motion Blog | 2024-11-21 | N/A |
| SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php. | ||||
| CVE-2008-1864 | 1 Prozilla | 1 Prozilla Freelancers | 2024-11-21 | N/A |
| SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | ||||
| CVE-2008-1863 | 1 Prozilla | 1 Cheats | 2024-11-21 | N/A |
| SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1859 | 1 Iscripts | 1 Socialware | 2024-11-21 | N/A |
| SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | ||||
| CVE-2008-1858 | 1 724cms | 1 724cms | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-1847 | 1 Coronamatrix | 1 Phpaddressbook | 2024-11-21 | N/A |
| SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1844 | 1 W2b | 1 Phphotresources | 2024-11-21 | N/A |
| SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter. | ||||
| CVE-2008-1843 | 1 W2b | 1 Dating Club | 2024-11-21 | N/A |
| SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action. | ||||
| CVE-2008-1841 | 1 Coppermine | 1 Coppermine Photo Gallery | 2024-11-21 | N/A |
| SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the session_id variable, as exploited in the wild in April 2008. NOTE: the fix for CVE-2008-1840 was intended to address this vulnerability, but is actually inapplicable. | ||||