Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-03 | CVE-2009-3062 | SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3 SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | 7.5 |
2009-09-03 | CVE-2009-3061 | SQL Injection vulnerability in Alqa6Ari Script Q R 1.0 SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-09-03 | CVE-2009-3059 | SQL Injection vulnerability in Allpublication Jboard Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php. | 7.5 |
2009-09-03 | CVE-2009-3054 | SQL Injection vulnerability in Artetics COM Artportal 1.0 SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | 7.5 |
2009-09-03 | CVE-2009-3052 | SQL Injection vulnerability in Absoluteanime Prime Quick Style 1.2.3 SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php. | 6.5 |
2009-09-02 | CVE-2008-7153 | SQL Injection vulnerability in Docebo SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. | 7.5 |
2009-09-01 | CVE-2008-7145 | SQL Injection vulnerability in Coronamatrix PHPaddressbook 2.0 Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters. | 7.5 |
2009-08-28 | CVE-2008-7120 | SQL Injection vulnerability in Mrcgiguy HOT Links Sql-PHP SQL injection vulnerability in Mr. | 7.5 |
2009-08-28 | CVE-2008-7119 | SQL Injection vulnerability in Webidsupport Webid 0.5.4 SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-08-28 | CVE-2008-7116 | SQL Injection vulnerability in Webidsupport Webid 0.5.4 SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | 7.5 |