Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2009-09-03 CVE-2009-3063 SQL Injection vulnerability in Indianpulses COM Gameserver 1.0
SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
network
low complexity
joomla indianpulses CWE-89
7.5
7.5
2009-09-03 CVE-2009-3062 SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3
SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter.
network
low complexity
phplivesupport CWE-89
7.5
7.5
2009-09-03 CVE-2009-3061 SQL Injection vulnerability in Alqa6Ari Script Q R 1.0
SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
alqa6ari CWE-89
7.5
7.5
2009-09-03 CVE-2009-3059 SQL Injection vulnerability in Allpublication Jboard
Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php.
network
low complexity
allpublication CWE-89
7.5
7.5
2009-09-03 CVE-2009-3056 Code Injection vulnerability in BAS Bloemsaat Kingcms 0.6.0
PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[AdminPath] parameter.
network
low complexity
bas-bloemsaat CWE-94
7.5
7.5
2009-09-03 CVE-2009-3055 Code Injection vulnerability in Dlecms DLE 8.2
PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dle_config_api parameter.
network
low complexity
dlecms CWE-94
7.5
7.5
2009-09-03 CVE-2009-3054 SQL Injection vulnerability in Artetics COM Artportal 1.0
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
network
low complexity
joomla artetics CWE-89
7.5
7.5
2009-09-02 CVE-2009-3046 Improper Certificate Validation vulnerability in Opera Browser
Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate.
network
low complexity
opera CWE-295
7.5
7.5
2009-09-02 CVE-2008-7155 Permissions, Privileges, and Access Controls vulnerability in PHPrisk Netrisk 1.9.7
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request.
network
low complexity
phprisk CWE-264
7.5
7.5
2009-09-02 CVE-2008-7153 SQL Injection vulnerability in Docebo
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header.
network
low complexity
docebo CWE-89
7.5
7.5