Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-01-17 | CVE-2008-0326 | SQL Injection vulnerability in Fascript Fapersianhack 1.0 SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php. | 7.5 |
| 2008-01-17 | CVE-2008-0325 | SQL Injection vulnerability in Fascript Fapersian Petition SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-01-16 | CVE-2008-0291 | SQL Injection vulnerability in Hangzhou Rui-Qiang Richstrong CMS SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
| 2008-01-16 | CVE-2008-0290 | SQL Injection vulnerability in Digitalhive Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php. | 7.5 |
| 2008-01-16 | CVE-2008-0288 | SQL Injection vulnerability in Imagealbum 2.0.0B2 Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action. | 7.5 |
| 2008-01-16 | CVE-2008-0286 | SQL Injection vulnerability in Article Dashboard Article Dashboard SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | 7.5 |
| 2008-01-15 | CVE-2008-0282 | SQL Injection vulnerability in Domphp SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | 7.5 |
| 2008-01-15 | CVE-2008-0281 | SQL Injection vulnerability in Id-Commerce SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter. | 7.5 |
| 2008-01-15 | CVE-2008-0280 | SQL Injection vulnerability in Mtcms 2.0 SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. | 7.5 |
| 2008-01-15 | CVE-2008-0279 | SQL Injection vulnerability in Xforum 1.4 SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. | 7.5 |