Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-06-19 | CVE-2007-3273 | SQL Injection vulnerability in Fusetalk 2.0 SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2007-06-07 | CVE-2007-3119 | SQL Injection vulnerability in Kartli Alisveris Sistemi Kartli Alisveris Sistemi 1.0 SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | 7.5 |
| 2007-06-06 | CVE-2007-3063 | SQL Injection vulnerability in Mealex MY Databook NIL SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter. | 7.5 |
| 2007-05-30 | CVE-2007-2898 | SQL Injection vulnerability in 2Z Project 2Z Project 0.9.5 SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php. | 7.5 |
| 2007-05-22 | CVE-2007-2803 | SQL Injection vulnerability in Vizayn Urun Tanitim Sitesi 0.2 SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action. | 7.5 |
| 2007-05-14 | CVE-2007-2673 | SQL Injection vulnerability in Censura 1.15.04 SQL injection vulnerability in includes/funcs_vendors.php in Censura 1.15.04, and other versions before 1.16.04, allows remote attackers to execute arbitrary SQL commands via the vendorid parameter in a vendor_info cmd action to censura.php. | 7.5 |
| 2007-05-09 | CVE-2007-2571 | SQL Injection vulnerability in Xoops Wfquotes Module SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | 7.5 |
| 2007-04-25 | CVE-2007-2230 | SQL Injection vulnerability in Broadcom Cleverpath Portal SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors. | 6.5 |
| 2007-04-18 | CVE-2007-2113 | SQL Injection vulnerability in Oracle Database Server 10.1.0.5 SQL injection vulnerability in the Upgrade/Downgrade component (DBMS_UPGRADE_INTERNAL) for Oracle Database 10.1.0.5 allows remote authenticated users to execute arbitrary SQL commands via unknown vectors, aka DB07. | 7.5 |
| 2007-04-18 | CVE-2007-2111 | SQL Injection vulnerability in Oracle Database Server 10.1.0.5/9.0.1.5/9.2.0.7 SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. | 6.5 |