Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-15 | CVE-2007-5975 | SQL Injection vulnerability in Torrentstrike 0.4 SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. | 6.5 |
| 2007-11-15 | CVE-2007-5974 | SQL Injection vulnerability in Jportal web Portal 2 SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | 7.5 |
| 2007-11-15 | CVE-2007-5973 | SQL Injection vulnerability in Jportal web Portal SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. | 7.5 |
| 2007-11-14 | CVE-2007-5951 | SQL Injection vulnerability in E-Vendejo 0.2 SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-11-10 | CVE-2007-5916 | SQL Injection vulnerability in PHPhelpdesk 0.6.16 SQL injection vulnerability in the login page in phphelpdesk 0.6.16 allows remote attackers to execute arbitrary SQL commands via unspecified parameters related to the "login procedures." | 7.5 |
| 2007-11-10 | CVE-2007-5912 | SQL Injection vulnerability in Jportal web Portal 2 SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | 7.5 |
| 2007-11-08 | CVE-2007-5766 | SQL Injection vulnerability in Oracle E-Business Suite 11I/12 SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2007-11-07 | CVE-2007-5887 | SQL Injection vulnerability in Infuseum ASP Message Board 2.2.1C SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-11-05 | CVE-2007-5836 | SQL Injection vulnerability in Afcommerce SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. | 7.5 |
| 2007-10-30 | CVE-2007-5719 | SQL Injection vulnerability in Minibb 2.1 SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php. | 7.5 |