| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889. |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. |
| SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. |
| SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter. |
| Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php. |
| SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter. |
| SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter. |
| SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679. |
| Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php. |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. |
| SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter. |
| SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action. |
| SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. |
| SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. |
| SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter. |
