Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|
| 2006-05-09 | CVE-2006-2239 | SQL Injection vulnerability in Tuomas Airaksinen Newsadmin 1.1 | SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter. | tuomas-airaksinen | CWE-89 | 7.5 (network, low complexity) |
| 2006-05-03 | CVE-2006-2157 | SQL Injection vulnerability in Plogger 2.1 | SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". | plogger | CWE-89 | 7.5 (network, low complexity) |
| 2006-05-01 | CVE-2006-2128 | SQL Injection vulnerability in Deltascripts PRO Publish 2.0 | Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameter to (a) admin/login.php, (3) find_str parameter to (b) search.php, or (4) artid parameter to (c) art.php, or (5) catid parameter to (d) cat.php. | deltascripts | CWE-89 | 7.5 (network, low complexity) |
| 2006-04-29 | CVE-2006-2103 | SQL Injection vulnerability in Mybulletinboard 1.1.1 | SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by adminfunctions.php; or (2) setid, (3) expand, (4) title, or (5) sid2 parameters to (b) admin/templates.php. | mybulletinboard | CWE-89 | 2.1 (network, high complexity) |
| 2006-04-29 | CVE-2006-2090 | SQL Injection vulnerability in Mysmartbb 1.1.2/1.1.3 | Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) username parameters. | mysmartbb | CWE-89 | 7.5 (network, low complexity) |
| 2006-04-21 | CVE-2006-1978 | SQL Injection vulnerability in Flexbb | SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter. | flexbb | CWE-89 | 7.5 (network, low complexity) |
| 2006-04-21 | CVE-2006-1962 | SQL Injection vulnerability in Pcpin Chat | SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (login parameter) to main.php. | pcpin | CWE-89 | 7.5 (network, low complexity) |
| 2006-04-20 | CVE-2006-1871 | SQL Injection vulnerability in Oracle Database Server 10.1.0.5/9.2.0.7 | SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06. | oracle | CWE-89 | 6.5 (network, low complexity) |
| 2006-04-12 | CVE-2006-1751 | SQL Injection vulnerability in Michiel VAN Baak Mvblog | Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | michiel-van-baak | CWE-89 | 7.5 (network, low complexity) |
| 2006-03-30 | CVE-2006-1501 | SQL Injection vulnerability in Oneorzero 1.6.3.0 | SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action. | oneorzero | CWE-89 | 7.5 (network, low complexity) |