Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-21 | CVE-2007-1026 | SQL Injection vulnerability in Scriptdungeon Xlatunes SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. | 7.5 |
| 2007-02-16 | CVE-2007-0985 | SQL Injection vulnerability in PHPcc SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earlier allows remote attackers to execute arbitrary SQL commands via the npid parameter in a sign_gb action. | 7.5 |
| 2007-02-16 | CVE-2007-0984 | SQL Injection vulnerability in Aspcode.Net Pollmentor 2.0 SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp. | 7.5 |
| 2007-02-03 | CVE-2007-0695 | SQL Injection vulnerability in Free LAN Intra Internet Portal Free LAN Intra Internet Portal 0.9.0.1029/0.9.0.730/1.0Rc1 Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2007-01-31 | CVE-2007-0642 | SQL Injection vulnerability in RBL Tforum 2.00 SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp. | 7.5 |
| 2007-01-30 | CVE-2007-0582 | SQL Injection vulnerability in Chernobile 1.0 SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field. | 7.5 |
| 2007-01-26 | CVE-2007-0527 | SQL Injection vulnerability in Website Baker Website Baker SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the REMEMBER_KEY cookie parameter. | 6.8 |
| 2007-01-26 | CVE-2007-0520 | SQL Injection vulnerability in Unique ADS Unique ADS 1.0 SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter. | 7.5 |
| 2007-01-19 | CVE-2007-0350 | SQL Injection vulnerability in SME Filemailer Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. | 7.5 |
| 2007-01-11 | CVE-2007-0196 | SQL Injection vulnerability in Motionborg web Real Estate SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. | 7.5 |