Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-01-10 | CVE-2006-0159 | SQL Injection vulnerability in Javier Suarez Sanz Foro Domus 2.10 SQL injection vulnerability in escribir.php in Foro Domus 2.10 allows remote attackers to execute arbitrary SQL commands via the email parameter. | 7.5 |
| 2006-01-09 | CVE-2006-0123 | SQL Injection vulnerability in ADN Forum ADN Forum 1.0/1.0B Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors. | 7.5 |
| 2006-01-09 | CVE-2006-0115 | SQL Injection vulnerability in Oneplug Solutions Oneplug CMS Multiple SQL injection vulnerabilities in OnePlug Solutions OnePlug CMS allow remote attackers to execute arbitrary SQL commands via the (1) Press_Release_ID parameter in press/details.asp, (2) Service_ID parameter in services/details.asp, and (3) Product_ID parameter in products/details.asp. | 7.5 |
| 2006-01-04 | CVE-2006-0074 | SQL Injection vulnerability in Jevontech PHPenpals SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4711 | SQL-Injection vulnerability in Neocrome Land Down Under SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. | 6.8 |
| 2005-12-31 | CVE-2005-4632 | SQL Injection vulnerability in Vote PRO Vote PRO SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4617 | SQL Injection vulnerability in Forperfect Csupport 1.0 SQL injection vulnerability in tickets.php in cSupport 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pg parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4606 | SQL Injection vulnerability in Webwiz products SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter. | 7.5 |
| 2005-12-22 | CVE-2005-4500 | SQL Injection vulnerability in Musicbox 2.3 SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) show and (2) type parameter. | 7.5 |
| 2005-12-22 | CVE-2005-4478 | SQL Injection vulnerability in Papoo Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php. | 7.5 |