Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-30 | CVE-2009-3505 | SQL Injection vulnerability in Vastal Mmorpg Zone SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | 7.5 |
| 2009-09-30 | CVE-2009-3504 | SQL Injection vulnerability in Alibabaclone Alibaba Clone 3.0 SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2009-09-30 | CVE-2009-3503 | SQL Injection vulnerability in Bpowerhouse Bpholidaylettings 1.0 Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. | 7.5 |
| 2009-09-30 | CVE-2009-3502 | SQL Injection vulnerability in Bpowerhouse Bpmusic 1.0 SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. | 7.5 |
| 2009-09-30 | CVE-2009-3501 | SQL Injection vulnerability in Bpowerhouse Bpstudents 1.0 SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action. | 7.5 |
| 2009-09-30 | CVE-2009-3500 | SQL Injection vulnerability in Bpowerhouse Bpgames 1.0 Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. | 7.5 |
| 2009-09-30 | CVE-2009-3499 | SQL Injection vulnerability in Bpowerhouse Bplawyercasedocuments 1.0 SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
| 2009-09-30 | CVE-2009-3498 | SQL Injection vulnerability in Hbcms 1.7 SQL injection vulnerability in php/update_article_hits.php in HBcms 1.7 allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | 6.8 |
| 2009-09-30 | CVE-2009-3497 | SQL Injection vulnerability in Vastal Agent Zone SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2009-09-30 | CVE-2009-3495 | SQL Injection vulnerability in Vastal DVD Zone SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. | 7.5 |