Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-03 | CVE-2007-5177 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter. | 7.5 |
| 2007-10-01 | CVE-2007-5084 | SQL Injection vulnerability in Broadcom Brightstor Hierarchical Storage Manager 11.5 Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others. | 6.8 |
| 2007-10-01 | CVE-2007-5151 | SQL Injection vulnerability in Nukescripts Nukesentinel 2.5.12 SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie. | 7.5 |
| 2007-10-01 | CVE-2007-5150 | SQL Injection vulnerability in Nukescripts Nukesentinel 2.5.11 SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. | 7.5 |
| 2007-09-28 | CVE-2007-5141 | SQL Injection vulnerability in Sitex CMS 0.7.3Beta SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter. | 6.8 |
| 2007-09-27 | CVE-2007-5131 | SQL Injection vulnerability in Interspire Activekb NX 2/2.6 SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. | 7.5 |
| 2007-09-27 | CVE-2007-5123 | SQL Injection vulnerability in Solidweb Novus 1.0 SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary SQL commands via the nota_id parameter. | 7.5 |
| 2007-09-27 | CVE-2007-5122 | SQL Injection vulnerability in Softbizscripts Classifieds Plus Script SQL injection vulnerability in store_info.php in SoftBiz Classifieds PLUS allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-09-26 | CVE-2007-5104 | SQL Injection vulnerability in Bcoos 1.0.10 SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. | 7.5 |
| 2007-09-24 | CVE-2007-5068 | SQL Injection vulnerability in PHPfullannu 6.0 SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | 7.5 |