Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-10-16 | CVE-2009-3697 | SQL Injection vulnerability in PHPmyadmin SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters. | 7.5 |
2009-10-16 | CVE-2009-2734 | SQL Injection vulnerability in Achievo SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php. | 7.5 |
2009-10-11 | CVE-2009-3669 | SQL Injection vulnerability in Foobla COM Foobla Suggestions 1.5.11 SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php. | 7.5 |
2009-10-11 | CVE-2009-3667 | SQL Injection vulnerability in Adsdx 3.05 SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows remote attackers to execute arbitrary SQL commands via the Username. | 7.5 |
2009-10-11 | CVE-2009-3665 | SQL Injection vulnerability in Nullam Blog 0.1.2 Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action. | 7.5 |
2009-10-11 | CVE-2009-3661 | SQL Injection vulnerability in Blueconstantmedia COM Djcatalog Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | 6.8 |
2009-10-11 | CVE-2009-3659 | SQL Injection vulnerability in Stanback BS Counter 2.5.3 SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2009-10-09 | CVE-2009-3645 | SQL Injection vulnerability in Joomlacache COM Cbresumebuilder SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php. | 7.5 |
2009-10-09 | CVE-2009-3644 | SQL Injection vulnerability in Soundset COM Soundset 1.0 SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php. | 7.5 |
2009-10-09 | CVE-2009-3642 | SQL Injection vulnerability in Frontrange Heat 8.01 Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |