Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-16 | CVE-2009-3224 | SQL Injection vulnerability in Classified-Software Super MOD System SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. | 7.5 |
2009-09-16 | CVE-2009-3223 | SQL Injection vulnerability in Inoutscripts Inout Adserver SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | 6.5 |
2009-09-16 | CVE-2009-3218 | SQL Injection vulnerability in The-Ghost AR web Content Manager 2.1 SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2009-09-16 | CVE-2009-3217 | SQL Injection vulnerability in Wiccle Iwiccle 1.01 SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | 7.5 |
2009-09-16 | CVE-2009-3215 | SQL Injection vulnerability in PHP-Shop-System Ixxo Cart SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | 7.5 |
2009-09-16 | CVE-2009-3212 | SQL Injection vulnerability in Dimofinf Infinity Script 2.0.5 SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field. | 6.8 |
2009-09-16 | CVE-2009-3209 | SQL Injection vulnerability in Raizlabs PHP Email Manager 3.3.0 SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2009-09-16 | CVE-2009-3208 | SQL Injection vulnerability in Prakashatma Mishra PHPfreebb 1.0 Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php. | 7.5 |
2009-09-16 | CVE-2009-3205 | SQL Injection vulnerability in Cbauthority SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | 7.5 |
2009-09-16 | CVE-2009-3203 | SQL Injection vulnerability in Ajsquare AJ Auction Pro-Oopd 2.0 SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |