• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2008-6911

February 26, 2023 by

SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information.

CVE-2008-6917

February 26, 2023 by

SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).

CVE-2008-6923

February 26, 2023 by

SQL injection vulnerability in the content component (com_content) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php.

CVE-2008-6873

February 26, 2023 by

SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.

CVE-2008-6874

February 26, 2023 by

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.

CVE-2008-6875

February 26, 2023 by

SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 6
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE