SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2009-01-30
Updated
2017-09-29
SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-29
Updated
2018-10-11
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.17%
Published
2009-01-29
Updated
2017-09-29
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-29
Updated
2017-09-29
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-29
Updated
2017-10-19
Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components.
Max CVSS
7.5
EPSS Score
0.14%
Published
2009-01-29
Updated
2017-08-08
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-01-29
Updated
2017-09-29
SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-01-29
Updated
2017-09-29
SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.07%
Published
2009-01-29
Updated
2017-08-08
Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-01-29
Updated
2017-09-29
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Max CVSS
4.6
EPSS Score
0.47%
Published
2009-01-27
Updated
2018-10-11
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Max CVSS
7.5
EPSS Score
0.09%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
6.8
EPSS Score
0.06%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
Max CVSS
7.5
EPSS Score
0.25%
Published
2009-01-27
Updated
2009-02-05
SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Max CVSS
7.5
EPSS Score
0.08%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-01-27
Updated
2017-09-29
SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-01-27
Updated
2017-09-29
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.11%
Published
2009-01-22
Updated
2017-09-29
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-15
Updated
2009-01-15
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-01-09
Updated
2017-09-29
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-01-09
Updated
2017-09-29
89 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!