Vulnerabilities (CVE)

CWE filter

CWE-89

Filter

5692 total CVE
CVE Vendors Products Updated CVSS
CVE-2007-6719 1 Inspector It 1 Wiz-ad 2008-12-05 7.5
SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2429 1 Calendarix 1 Basic 2008-11-26 7.5
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might...
CVE-2008-5087 1 Typo3 1 Another Backend Login 2008-11-17 7.5
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3965 1 Mybb 1 Mybb 2008-11-15 7.5
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field.
CVE-2007-6670 1 Phpcredo 1 Phcdownload 2008-11-15 7.5
SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.
CVE-2007-4552 1 Agares Media 1 Arcadem 2008-11-15 7.5
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this...
CVE-2007-3637 1 Mkportal 1 Mkportal 2008-11-15 7.5
SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization...
CVE-2008-5037 1 Elkagroup 1 Image Gallery 2008-11-13 7.5
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2005-4632 1 Vote Pro 1 Vote Pro 2008-09-20 7.5
SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.
CVE-2005-4027 1 Simplemedia 1 Simplebbs 2008-09-20 7.5
SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters.
CVE-2008-4055 1 Texmedia 1 Million Pixel Script 2008-09-12 7.5
SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
CVE-2008-3754 1 Yourfreeworld 1 Stylish Text Ads Script 2008-09-05 7.5
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3590 1 Egi Zaberl 1 E.z. Poll 2008-09-05 7.5
Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details...
CVE-2008-2858 1 Webchamado 1 Webchamado 2008-09-05 6.8
SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1341 1 Lagarde 1 Storefront 2008-09-05 7.5
SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are...
CVE-2008-1065 1 Xoops 1 Xm Memberstats 2008-09-05 7.5
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this...
CVE-2008-0937 2 Tinyevent, Xoops 2 Tiny Event Module, Tinyevent 2008-09-05 6.8
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
CVE-2008-0936 1 Xoops 1 Prayer List Module 2008-09-05 7.5
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2008-0846 2 Mambo, Joomla 2 Com Profile, Com Profile 2008-09-05 7.5
SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.
CVE-2008-0685 1 Itechscripts 1 Itechclassifieds 2008-09-05 7.5
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.