Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1840 | 1 Coppermine | 1 Coppermine Photo Gallery | 2024-11-21 | N/A |
| SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload. | ||||
| CVE-2008-1838 | 1 Bosdev | 1 Bosclassifieds Ads Systems | 2024-11-21 | N/A |
| SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. | ||||
| CVE-2008-1791 | 1 Mygamingladder | 1 Mygamingladder | 2024-11-21 | N/A |
| SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the ladderid parameter. | ||||
| CVE-2008-1789 | 1 Prozilla | 1 Forum | 2024-11-21 | N/A |
| SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2008-1788 | 1 Prozilla | 1 Entertainers | 2024-11-21 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1774 | 1 Pligg | 1 Pligg Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1763 | 1 Blogator Script | 1 Blogator Script | 2024-11-21 | N/A |
| SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter. | ||||
| CVE-2008-1759 | 2 Jeuxflash, Kwsphp | 2 Jeuxflash Module, Kwsphp | 2024-11-21 | N/A |
| SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922. | ||||
| CVE-2008-1758 | 1 Kwsphp | 1 Kwsphp | 2024-11-21 | N/A |
| SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php. | ||||
| CVE-2008-1750 | 1 Livecart | 1 Livecart | 2024-11-21 | N/A |
| SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI. | ||||
| CVE-2008-1733 | 2 Joomla, Pragmaticutopia | 2 Joomla, Com Puarcade | 2024-11-21 | N/A |
| SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php. | ||||
| CVE-2008-1732 | 1 Predictionfootball | 1 Predictionfootball | 2024-11-21 | N/A |
| SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action. | ||||
| CVE-2008-1726 | 1 Myknowledgequest | 1 Knowledgequest | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php. | ||||
| CVE-2008-1715 | 1 Auracms | 1 Auracms | 2024-11-21 | N/A |
| SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. | ||||
| CVE-2008-1714 | 1 Fascript | 1 Faphoto | 2024-11-21 | N/A |
| SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | ||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2024-11-21 | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | ||||
| CVE-2008-1646 | 2 Arnos Toolbox, Wordpress | 2 Wp-download, Wp Download | 2024-11-21 | N/A |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. | ||||
| CVE-2008-1644 | 1 Savas Place | 1 Savas Link Manager | 2024-11-21 | N/A |
| SQL injection vulnerability in viewlinks.php in Sava's Link Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1641 | 1 Efestech | 1 Video | 2024-11-21 | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter. | ||||