Security Vulnerabilities, CVEs, Published In 2008 (Sql injection)
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
Max CVSS
10.0
EPSS Score
0.10%
Published
2008-02-13
Updated
2017-09-29
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Max CVSS
10.0
EPSS Score
0.12%
Published
2008-12-17
Updated
2017-09-29
SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
Max CVSS
9.8
EPSS Score
0.17%
Published
2008-08-12
Updated
2017-11-16
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
Max CVSS
9.3
EPSS Score
0.09%
Published
2008-03-24
Updated
2017-09-29
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.
Max CVSS
9.0
EPSS Score
0.34%
Published
2008-04-16
Updated
2018-10-11
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
Max CVSS
7.5
EPSS Score
0.15%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.
Max CVSS
7.5
EPSS Score
9.12%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
Max CVSS
7.5
EPSS Score
0.12%
Published
2008-01-04
Updated
2018-10-15
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.
Max CVSS
7.5
EPSS Score
1.68%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to execute arbitrary SQL commands via the txtLoginID parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-01-08
Updated
2008-11-15
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.12%
Published
2008-01-08
Updated
2018-10-15
SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-12-05
Updated
2008-12-05
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-01-04
Updated
2017-09-29
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.14%
Published
2008-01-08
Updated
2017-08-08
Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-01-08
Updated
2017-09-29
PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.
Max CVSS
7.5
EPSS Score
2.08%
Published
2008-01-08
Updated
2017-09-29
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Max CVSS
7.5
EPSS Score
1.12%
Published
2008-01-08
Updated
2017-09-29
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter.
Max CVSS
7.5
EPSS Score
0.14%
Published
2008-01-09
Updated
2017-09-29
SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-01-09
Updated
2017-09-29
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Max CVSS
7.5
EPSS Score
0.38%
Published
2008-01-15
Updated
2017-08-08