Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2009-09-10 | CVE-2009-3148 | SQL Injection vulnerability in Portalxp 1.2 | Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php. | network | low complexity | portalxp | CWE-89 | 7.5 |
| 2009-09-09 | CVE-2009-3119 | SQL Injection vulnerability in X-Iweb.Ru Download System MSF | SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | network | low complexity | x-iweb-ru php-fusion | CWE-89 | 7.5 |
| 2009-09-09 | CVE-2009-3118 | SQL Injection vulnerability in Danneo CMS 0.5/0.5.1 | SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | network | low complexity | danneo | CWE-89 | 7.5 |
| 2009-09-09 | CVE-2009-3117 | SQL Injection vulnerability in Snowhall Silurus System 1.0 | SQL injection vulnerability in category.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | network | low complexity | snowhall | CWE-89 | 7.5 |
| 2009-09-09 | CVE-2009-3116 | SQL Injection vulnerability in Uiga Church Portal | SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action. | network | low complexity | uiga | CWE-89 | 7.5 |
| 2009-09-08 | CVE-2008-7169 | SQL Injection vulnerability in Jabode COM Jabode | SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php. | network | low complexity | jabode joomla | CWE-89 | 7.5 |
| 2009-09-04 | CVE-2009-3082 | SQL Injection vulnerability in Snowhall Silurus System 1.0 | SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | network | low complexity | snowhall | CWE-89 | 7.5 |
| 2009-09-04 | CVE-2009-3081 | SQL Injection vulnerability in Uiga Church Portal | SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the month parameter in a calendar action. | network | low complexity | uiga | CWE-89 | 7.5 |
| 2009-09-03 | CVE-2009-3063 | SQL Injection vulnerability in Indianpulses COM Gameserver 1.0 | SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | network | low complexity | joomla indianpulses | CWE-89 | 7.5 |
| 2009-09-03 | CVE-2009-3062 | SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3 | SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | network | low complexity | phplivesupport | CWE-89 | 7.5 |