Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6083 | 1 Icebb | 1 Icebb | 2024-11-21 | N/A |
| SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | ||||
| CVE-2007-6080 | 1 Bcoos | 1 Bcoos | 2024-11-21 | N/A |
| SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected. | ||||
| CVE-2007-6078 | 1 Skyportal | 1 Skyportal | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action. | ||||
| CVE-2007-6058 | 1 Profilecms | 1 Profilecms | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module. | ||||
| CVE-2007-6035 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter. | ||||
| CVE-2007-6032 | 1 Aleris | 1 Web Publishing Server | 2024-11-21 | N/A |
| SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter. | ||||
| CVE-2007-6014 | 1 Beehive Forum | 1 Beehive Forum | 2024-11-21 | N/A |
| SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t_dedupe parameter. | ||||
| CVE-2007-6012 | 1 Gatesoft | 1 Docusafe | 2024-11-21 | N/A |
| SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6004 | 1 Toko | 1 Instan | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action. | ||||
| CVE-2007-5999 | 1 Softbizscripts | 1 Softbiz Auctions Script | 2024-11-21 | N/A |
| SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-5998 | 1 Softbizscripts | 1 Ad Management Plus Script | 2024-11-21 | N/A |
| SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter. | ||||
| CVE-2007-5997 | 1 Softbizscripts | 1 Banner Exchange Network Script | 2024-11-21 | N/A |
| SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-5996 | 1 Softbizscripts | 1 Link Directory Script | 2024-11-21 | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449. | ||||
| CVE-2007-5992 | 1 Datecomm | 1 Social Networking Script | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewcat s action on the forums page. | ||||
| CVE-2007-5991 | 1 Exo | 1 Exophpdesk | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action. | ||||
| CVE-2007-5986 | 1 Btiteam | 1 Btitracker | 2024-11-21 | N/A |
| SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-5978 | 1 Xoops | 1 Mylinks Module | 2024-11-21 | N/A |
| SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter. | ||||
| CVE-2007-5976 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | N/A |
| SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter. | ||||
| CVE-2007-5975 | 1 Torrentstrike | 1 Torrentstrike | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5974 | 1 Jportal | 1 Jportal Web Portal | 2024-11-21 | N/A |
| SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | ||||