Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-11-13 | CVE-2008-5054 | SQL Injection vulnerability in Develop IT Easy Membership System 1.3 Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. | 7.5 |
2008-11-13 | CVE-2008-5051 | SQL Injection vulnerability in Jooblog 1.1 SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php. | 7.5 |
2008-11-13 | CVE-2008-5047 | SQL Injection vulnerability in Mole Group Rental Script SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2008-11-13 | CVE-2008-5046 | SQL Injection vulnerability in Mole Group Pizza Script SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter. | 7.5 |
2008-11-12 | CVE-2008-5037 | SQL Injection vulnerability in Elkagroup Image Gallery 1.0 SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-11-10 | CVE-2008-5004 | SQL Injection vulnerability in Mywebland Bloggie Lite 0.0.2 SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | 7.5 |
2008-11-10 | CVE-2008-5003 | SQL Injection vulnerability in Shahrood SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-11-10 | CVE-2008-5000 | SQL Injection vulnerability in PHPx 3.5.16 SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter. | 6.8 |
2008-11-06 | CVE-2008-4991 | SQL Injection vulnerability in Ec-Cube SQL injection vulnerability in LOCKON CO.,LTD. | 7.5 |
2008-11-04 | CVE-2008-4906 | SQL Injection vulnerability in W1N78 Lyrics 0.4.2 SQL injection vulnerability in lyrics_song.php in the Lyrics (lyrics_menu) plugin 0.42 for e107 allows remote attackers to execute arbitrary SQL commands via the l_id parameter. | 7.5 |