Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-12 | CVE-2008-0670 | SQL Injection vulnerability in Joomla COM Noticias 1.0 SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | 7.5 |
| 2008-02-07 | CVE-2008-0653 | SQL Injection vulnerability in Joomla COM Ynews 1.0.0 SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | 7.5 |
| 2008-02-07 | CVE-2008-0652 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | 7.5 |
| 2008-02-07 | CVE-2008-0651 | SQL Injection vulnerability in Pedro Santana Codice CMS SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. | 7.5 |
| 2008-02-07 | CVE-2008-0650 | SQL Injection vulnerability in Simple OS CMS Simple OS CMS 0.1Cbeta SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. | 7.5 |
| 2008-02-07 | CVE-2008-0649 | SQL Injection vulnerability in ADP Astanda Directory Project 1.2/1.3 SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0614 | SQL Injection vulnerability in Photokorn Gallery 1.543 SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | 7.5 |
| 2008-02-06 | CVE-2008-0611 | SQL Injection vulnerability in multiple products SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0607 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0606 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | 7.5 |