Lucene search
K

13188 matches found

NVD
NVD
added 2009/08/24 7:30 p.m.15 views

CVE-2008-7059

SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter...

7.5CVSS8.4AI score0.00969EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/08/24 7:0 p.m.17 views

CVE-2008-7059

SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter...

8.4AI score0.00969EPSS
Exploits1References3
CVE
CVE
added 2009/08/24 7:0 p.m.42 views

CVE-2008-7059

CVE-2008-7059 describes an SQL injection vulnerability in the index.php of One-News Beta 2, exploitable via the q parameter. This allows remote attackers to execute arbitrary SQL commands. The issue is classified with a CVSS v2 base score of 7.5 (HIGH) with network access, low complexity, and no ...

7.5CVSS8.7AI score0.00969EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/08/24 10:30 a.m.13 views

CVE-2008-7049

Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...

7.5CVSS8.3AI score0.00975EPSS
Exploits1References4
Prion
Prion
added 2009/08/24 10:30 a.m.17 views

Sql injection

SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect...

7.5CVSS9AI score0.02797EPSS
Exploits1References4
Prion
Prion
added 2009/08/24 10:30 a.m.17 views

Sql injection

SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script AJPoll Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter...

7.5CVSS9.1AI score0.01008EPSS
Exploits0References3
Prion
Prion
added 2009/08/24 10:30 a.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be...

7.5CVSS9.5AI score0.00971EPSS
Exploits1References4
Prion
Prion
added 2009/08/24 10:30 a.m.15 views

Sql injection

SQL injection vulnerability in the MyeGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect...

7.5CVSS9.1AI score0.01164EPSS
Exploits1References6
Prion
Prion
added 2009/08/24 10:30 a.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...

7.5CVSS8.8AI score0.01333EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/08/24 10:0 a.m.62 views

CVE-2008-7049

NatterChat is affected by SQL injection in login.asp for versions 1.1 and 1.12, exploitable via the (1) txtUsername and (2) txtPassword fields in the form generated by home.asp. The issue is caused by improper input handling that allows remote attackers to craft SQL commands. OpenVAS and CVE refe...

7.5CVSS8.5AI score0.00975EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/08/24 10:0 a.m.56 views

CVE-2008-7044

A CVE for AJ Square Free Polling Script (AJPoll) Database exposes a SQL injection in admin/include/newpoll.php via the ques parameter. This allows remote attackers to execute arbitrary SQL commands, impacting confidentiality, integrity, and availability. No remediation details are provided in the...

7.5CVSS8.7AI score0.01008EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/08/21 8:30 p.m.10 views

Sql injection

SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the nFileId parameter...

7.5CVSS9.1AI score0.00928EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/08/21 8:30 p.m.15 views

CVE-2009-2927

SQL injection vulnerability in DetailFile.php in DigitalSpinners DS CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the nFileId parameter...

7.5CVSS8.4AI score0.00928EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/08/21 8:30 p.m.36 views

CVE-2009-2933

SQL injection vulnerability in comments.php in Piwigo before 2.0.3 allows remote attackers to execute arbitrary SQL commands via the itemsnumber parameter...

7.5CVSS6.2AI score0.01087EPSS
Exploits0References1
Prion
Prion
added 2009/08/21 8:30 p.m.10 views

Sql injection

Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the 1 tgslanguageid, 2 tpldir, 3 referer, 4 user-agent, 5 site, 6 option, 7 dboptimization, 8 owner, 9 adminemail, 10 defaultlanguage, and 11 dbhost parameters to...

7.5CVSS9.3AI score0.00952EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2009/08/21 8:21 p.m.47 views

CVE-2009-2929

CVE-2009-2929 affects TGS Content Management 0.x. The vulnerability is multiple SQL injection points in cms/index.php (parameters including tgs_language_id, tpl_dir, referer, user-agent, site, option, db_optimization, owner, admin_email, default_language, db_host) and cms/frontpage_ception.php (p...

7.5CVSS8.7AI score0.00952EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/08/21 11:30 a.m.26 views

CVE-2009-2924

Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the 1 UploadID parameter to videoint.php, and possibly the 2 catid parameter to catvideo.php and 3 uid parameter to cviewchannels.php...

7.5CVSS8.6AI score0.00923EPSS
Exploits0References1
Prion
Prion
added 2009/08/21 11:30 a.m.12 views

Sql injection

SQL injection vulnerability in 2flygift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action...

7.5CVSS9AI score0.00969EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2009/08/21 11:30 a.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the 1 UploadID parameter to videoint.php, and possibly the 2 catid parameter to catvideo.php and 3 uid parameter to cviewchannels.php...

7.5CVSS9.3AI score0.00923EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2009/08/21 11:30 a.m.19 views

CVE-2009-2915

SQL injection vulnerability in 2flygift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action...

7.5CVSS8.3AI score0.00969EPSS
Exploits1References2
Rows per page
Query Builder