Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2007-09-11 | CVE-2007-4808 | SQL Injection vulnerability in TLM CMS TLM CMS 1.1/3.2 | Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir action, (4) the ID parameter to affichage.php, (5) the id_sal parameter to mod_forum/afficher.php, or (6) the id_sujet parameter to mod_forum/messages.php. | 7.5 |
2007-09-11 | CVE-2007-4804 | SQL Injection vulnerability in Auracms 1.5Rc | Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. | 7.5 |
2007-09-10 | CVE-2007-4778 | SQL Injection vulnerability in Joomla 1.5.0Beta1/1.5.0Beta2/1.5.0Rc1 | Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. | 7.5 |
2007-09-10 | CVE-2007-4777 | SQL Injection vulnerability in Joomla 1.5.0Beta/1.5.0Beta2/1.5.0Rc1 | SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. | 7.5 |
2007-09-08 | CVE-2007-4762 | SQL Injection vulnerability in E-Smart Cart E-Smart Cart 1.0 | Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | 7.5 |
2007-09-06 | CVE-2007-4736 | SQL Injection vulnerability in Cartkeeper Ckgold Shopping Cart 2.0 | SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | 7.5 |
2007-09-05 | CVE-2007-4719 | SQL Injection vulnerability in 212Cafe 212Cafeboard 6.30Beta | SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-09-05 | CVE-2007-4716 | SQL Injection vulnerability in PHD Help Desk | Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2007-09-05 | CVE-2007-4714 | SQL Injection vulnerability in Yvora 1.0 | SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2007-09-04 | CVE-2007-4653 | SQL Injection vulnerability in PHPbb | SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action. | 7.5 |