Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-06 | CVE-2008-0603 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | 7.5 |
| 2008-02-06 | CVE-2008-0601 | SQL Injection vulnerability in ALL Club CMS ALL Club CMS SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
| 2008-02-05 | CVE-2008-0579 | SQL Injection vulnerability in Joomla COM Buslicense SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | 7.5 |
| 2008-02-05 | CVE-2008-0565 | SQL Injection vulnerability in Deltascripts PHP Links SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.8 |
| 2008-02-04 | CVE-2008-0562 | SQL Injection vulnerability in Mamboserver Joomla and Mambo SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-02-04 | CVE-2008-0561 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-02-04 | CVE-2008-0557 | SQL Injection vulnerability in Mamboserver Catalogshop 1.0B1 SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-02-01 | CVE-2008-0546 | SQL Injection vulnerability in Shoppingtree Candypress Store 4.1/4.1.1.26 Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp. | 7.5 |
| 2008-02-01 | CVE-2008-0543 | SQL Injection vulnerability in PRE Projects PRE Dynamic Institution Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. | 7.5 |
| 2008-02-01 | CVE-2008-0538 | SQL Injection vulnerability in PHPip Management 4.3.2 Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. | 6.8 |