Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-03 | CVE-2009-3063 | SQL Injection vulnerability in Indianpulses COM Gameserver 1.0 SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | 7.5 |
2009-09-03 | CVE-2009-3062 | SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3 SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | 7.5 |
2009-09-03 | CVE-2009-3061 | SQL Injection vulnerability in Alqa6Ari Script Q R 1.0 SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-09-03 | CVE-2009-3059 | SQL Injection vulnerability in Allpublication Jboard Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php. | 7.5 |
2009-09-03 | CVE-2009-3056 | Code Injection vulnerability in BAS Bloemsaat Kingcms 0.6.0 PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[AdminPath] parameter. | 7.5 |
2009-09-03 | CVE-2009-3055 | Code Injection vulnerability in Dlecms DLE 8.2 PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dle_config_api parameter. | 7.5 |
2009-09-03 | CVE-2009-3054 | SQL Injection vulnerability in Artetics COM Artportal 1.0 SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | 7.5 |
2009-09-02 | CVE-2009-3046 | Improper Certificate Validation vulnerability in Opera Browser Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. | 7.5 |
2009-09-02 | CVE-2008-7155 | Permissions, Privileges, and Access Controls vulnerability in PHPrisk Netrisk 1.9.7 NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request. | 7.5 |
2009-09-02 | CVE-2008-7153 | SQL Injection vulnerability in Docebo SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. | 7.5 |