SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Max CVSS
7.5
EPSS Score
13.92%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the selmenuid parameter to certain components.
Max CVSS
7.5
EPSS Score
0.86%
Published
2007-06-27
Updated
2018-10-16
SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to execute arbitrary SQL commands via the doc_id parameter in an inline action.
Max CVSS
7.5
EPSS Score
13.92%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
6.8
EPSS Score
0.17%
Published
2007-06-27
Updated
2012-10-31
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
Max CVSS
6.8
EPSS Score
0.95%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected.
Max CVSS
6.8
EPSS Score
0.74%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in index.php in Pharmacy System 2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter in an add action.
Max CVSS
7.5
EPSS Score
0.48%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
Max CVSS
7.5
EPSS Score
0.78%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action.
Max CVSS
7.5
EPSS Score
0.90%
Published
2007-06-27
Updated
2018-10-16
Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 rc8 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) type parameter.
Max CVSS
7.5
EPSS Score
0.18%
Published
2007-06-26
Updated
2017-07-29
SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
Max CVSS
7.5
EPSS Score
0.27%
Published
2007-06-26
Updated
2017-07-29
SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action.
Max CVSS
7.5
EPSS Score
0.89%
Published
2007-06-26
Updated
2018-10-16
SQL injection vulnerability in include/get_userdata.php in Power Phlogger (PPhlogger) 2.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.php.
Max CVSS
7.5
EPSS Score
0.73%
Published
2007-06-26
Updated
2018-10-16
Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote attackers to execute arbitrary SQL commands via the (1) artid parameter to mod.php in a viewarticle action (publisher mod) and the (2) bid parameter to banners.php in a click action. NOTE: the mod.php viewdisk and viewlink vectors are already covered by CVE-2006-6873.
Max CVSS
7.5
EPSS Score
0.42%
Published
2007-06-26
Updated
2018-10-16
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the s_user_id parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already covered by CVE-2005-3978.
Max CVSS
7.5
EPSS Score
0.67%
Published
2007-06-22
Updated
2018-10-16
Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) Outgoing_Type_ID, (2) Outgoing_ID, (3) Project_ID, (4) Client_ID, (5) Invoice_ID, or (6) Vendor_ID parameter.
Max CVSS
7.5
EPSS Score
0.18%
Published
2007-06-22
Updated
2017-07-29
Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.18%
Published
2007-06-21
Updated
2008-11-13
SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2.
Max CVSS
7.5
EPSS Score
0.31%
Published
2007-06-21
Updated
2018-10-16
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php.
Max CVSS
7.5
EPSS Score
0.80%
Published
2007-06-21
Updated
2017-10-11
SQL injection vulnerability in print.php in the Articles 1.02 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.34%
Published
2007-06-21
Updated
2018-10-16
SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
Max CVSS
7.5
EPSS Score
0.51%
Published
2007-06-21
Updated
2017-10-11
SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273.
Max CVSS
7.5
EPSS Score
0.18%
Published
2007-06-20
Updated
2018-10-16
SQL injection vulnerability in Spey before 0.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to MessageProcessor.cc and possibly other components.
Max CVSS
7.5
EPSS Score
0.57%
Published
2007-06-20
Updated
2011-03-08
SQL injection vulnerability in categoria.php in LiveCMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Max CVSS
7.5
EPSS Score
0.87%
Published
2007-06-20
Updated
2017-10-11
SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.21%
Published
2007-06-19
Updated
2012-10-24
58 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!