Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-21 | CVE-2009-2915 | SQL Injection vulnerability in 2Fly Gift Delivery System 6.0 SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action. | 7.5 |
2009-08-20 | CVE-2009-2895 | SQL Injection vulnerability in PHPsugar Ultimate Regnow Affiliate 3.0 SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2009-08-20 | CVE-2009-2894 | SQL Injection vulnerability in Clone2009 Ebay Clone 2009 Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to product_desc.php, and the cid parameter to (2) showcategory.php and (3) gallery.php. | 7.5 |
2009-08-20 | CVE-2009-2891 | SQL Injection vulnerability in PHPscriptsnow Riddles SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
2009-08-20 | CVE-2009-2888 | SQL Injection vulnerability in PHPscriptsnow Hangman SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter. | 7.5 |
2009-08-20 | CVE-2009-2886 | SQL Injection vulnerability in PHPscriptsnow President Bios SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter. | 7.5 |
2009-08-20 | CVE-2009-2885 | SQL Injection vulnerability in PHPscriptsnow World'S Tallest Buildings SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter. | 7.5 |
2009-08-20 | CVE-2009-2883 | SQL Injection vulnerability in Arabless Saphplesson 4.0 SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php. | 6.8 |
2009-08-20 | CVE-2009-2881 | SQL Injection vulnerability in Artis.Imag Basilic 1.5.13 Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/. | 7.5 |
2009-08-19 | CVE-2008-7003 | SQL Injection vulnerability in The-Rat-Cms Alpha2 Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter. | 7.5 |