SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
Max CVSS
7.5
EPSS Score
1.01%
Published
2005-10-30
Updated
2016-10-18
SQL injection vulnerability in Techno Dreams Mailing List script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-10-30
Updated
2016-10-18
SQL injection vulnerability in Techno Dreams Guest Book script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
Max CVSS
7.5
EPSS Score
0.36%
Published
2005-10-30
Updated
2016-10-18
SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-10-30
Updated
2016-10-18
Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters.
Max CVSS
7.5
EPSS Score
0.34%
Published
2005-10-30
Updated
2017-07-11
Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via (1) the name parameter in register.php, (2) the email parameter in lostpassword.php, (3) the year parameter in calendar.php, and the (4) cid parameter to index.php. NOTE: the mid parameter for forums.php is already associated with CVE-2005-0454. NOTE: the index.php/cid vector was later reported to affect 6.11.
Max CVSS
7.5
EPSS Score
0.52%
Published
2005-10-30
Updated
2018-10-19
Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php.
Max CVSS
7.5
EPSS Score
1.11%
Published
2005-10-30
Updated
2016-10-18
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
Max CVSS
7.5
EPSS Score
2.83%
Published
2005-10-30
Updated
2018-10-19
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Max CVSS
7.5
EPSS Score
1.31%
Published
2005-10-27
Updated
2011-03-08
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
Max CVSS
7.5
EPSS Score
1.23%
Published
2005-10-27
Updated
2017-07-11
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-10-27
Updated
2008-09-05
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters.
Max CVSS
7.5
EPSS Score
0.68%
Published
2005-10-27
Updated
2012-07-03
SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Max CVSS
7.5
EPSS Score
11.15%
Published
2005-10-27
Updated
2017-07-11
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.
Max CVSS
7.5
EPSS Score
95.94%
Published
2005-10-30
Updated
2011-03-08
Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in detail.php and the catid parameter in (2) get.php and (3) index.php.
Max CVSS
7.5
EPSS Score
1.24%
Published
2005-10-26
Updated
2017-07-11
Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file.
Max CVSS
7.5
EPSS Score
1.06%
Published
2005-10-26
Updated
2017-07-11
Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.
Max CVSS
7.5
EPSS Score
1.33%
Published
2005-10-26
Updated
2017-07-11
SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field.
Max CVSS
7.5
EPSS Score
0.22%
Published
2005-10-23
Updated
2008-09-10
Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php.
Max CVSS
7.5
EPSS Score
1.27%
Published
2005-10-20
Updated
2016-10-18
Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick parameter of lostpwd.php.
Max CVSS
6.8
EPSS Score
0.65%
Published
2005-10-14
Updated
2017-07-11
Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop and (3) aeNovoWYSI allow remote attackers to execute arbitrary SQL code via (a) the password parameter in control.asp, and (b) the strSQL parameter in search.asp, which can enable XSS attacks in resulting error messages.
Max CVSS
6.8
EPSS Score
1.03%
Published
2005-10-14
Updated
2017-07-11
SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter.
Max CVSS
7.5
EPSS Score
1.30%
Published
2005-10-14
Updated
2017-07-11
Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.
Max CVSS
7.5
EPSS Score
0.75%
Published
2005-10-14
Updated
2017-07-11
Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php.
Max CVSS
7.5
EPSS Score
0.73%
Published
2005-10-06
Updated
2017-07-11
Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to execute arbitrary SQL commands via the (1) album and (2) photo parameters.
Max CVSS
7.5
EPSS Score
0.15%
Published
2005-10-06
Updated
2008-09-05
30 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!