Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-16 | CVE-2009-3217 | SQL Injection vulnerability in Wiccle Iwiccle 1.01 SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | 7.5 |
2009-09-16 | CVE-2009-3215 | SQL Injection vulnerability in PHP-Shop-System Ixxo Cart SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | 7.5 |
2009-09-16 | CVE-2009-3209 | SQL Injection vulnerability in Raizlabs PHP Email Manager 3.3.0 SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2009-09-16 | CVE-2009-3208 | SQL Injection vulnerability in Prakashatma Mishra PHPfreebb 1.0 Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php. | 7.5 |
2009-09-16 | CVE-2009-3205 | SQL Injection vulnerability in Cbauthority SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | 7.5 |
2009-09-16 | CVE-2009-3203 | SQL Injection vulnerability in Ajsquare AJ Auction Pro-Oopd 2.0 SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-09-15 | CVE-2009-3165 | SQL Injection vulnerability in Mozilla Bugzilla SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2009-09-15 | CVE-2009-3125 | SQL Injection vulnerability in Mozilla Bugzilla SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2009-09-15 | CVE-2009-2629 | Out-of-bounds Write vulnerability in multiple products Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. | 7.5 |
2009-09-15 | CVE-2009-3193 | SQL Injection vulnerability in Uwix COM Digifolio 1.52 SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | 7.5 |