CWE-89

CVE-2008-2906

February 26, 2023 by

SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.

CVE-2008-2907

February 26, 2023 by

SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter.

CVE-2008-2909

February 26, 2023 by

SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.

SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information.

CVE-2008-2915

February 26, 2023 by

Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.

CVE-2008-2916

February 26, 2023 by

Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php.