Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4634 | 1 Cisco | 2 Call Manager, Unified Communications Manager | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. | ||||
| CVE-2007-4611 | 1 Dale Mooney | 1 Calendar Events | 2024-11-21 | N/A |
| SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4604 | 1 Dinkumsoft.com | 1 Dl Paycart | 2024-11-21 | N/A |
| SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | ||||
| CVE-2007-4603 | 1 Altercoder | 1 Acg News | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action. | ||||
| CVE-2007-4602 | 1 Implied By Design | 1 Micro Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4597 | 1 Turnkey Web Tools | 1 Sunshop Shopping Cart | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549. | ||||
| CVE-2007-4581 | 1 Wbb2-addon | 1 Acrotxt | 2024-11-21 | N/A |
| SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 allows remote attackers to execute arbitrary SQL commands via the show parameter. | ||||
| CVE-2007-4552 | 1 Agares Media | 1 Arcadem | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not. | ||||
| CVE-2007-4540 | 1 Olate | 1 Olatedownload | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote attackers to execute arbitrary SQL commands via the (1) HTTP_REFERER or (2) HTTP_USER_AGENT HTTP header. | ||||
| CVE-2007-4491 | 1 Gurur Haber | 1 Gurur Haber | 2024-11-21 | N/A |
| SQL injection vulnerability in uyeler2.php in Gurur haber 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4456 | 2 Mambo, Parkview Consultants | 2 Mambo, Simplefaq | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo. | ||||
| CVE-2007-4368 | 1 Ibm | 1 Rational Clearquest | 2024-11-21 | N/A |
| SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | ||||
| CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2024-11-21 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-4207 | 1 Kerberosdev | 1 Gallery In A Box | 2024-11-21 | N/A |
| SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters. | ||||
| CVE-2007-4173 | 1 Hunkaray Okul | 1 Portaly | 2024-11-21 | N/A |
| SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. | ||||
| CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2024-11-21 | N/A |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | ||||
| CVE-2007-4056 | 1 Adult Directory | 1 Adult Directory | 2024-11-21 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect. | ||||
| CVE-2007-3938 | 1 Maxdev | 1 Mdpro | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676. | ||||
| CVE-2007-3937 | 1 A-shop | 1 A-shop | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3933 | 1 Quickestore | 1 Quickestore | 2024-11-21 | N/A |
| SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. | ||||