CVE-2008-5197 – PHP-Fusion Mod Classifieds - 'lid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5197
SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the lid parameter in a detail_adverts action. Vulnerabilidad de inyección SQL en classifieds.php en PHP-Fusion permite a atacantes remotos ejecutar comandos arbitrarios SQL a través de parámetro lid en una acción detail_adverts. • https://www.exploit-db.com/exploits/5961 http://securityreason.com/securityalert/4640 http://www.securityfocus.com/bid/29995 https://exchange.xforce.ibmcloud.com/vulnerabilities/43561 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-5196 – PHP-Fusion Mod Kroax 4.42 - 'category' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5196
SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the category parameter. Vulnerabilidad de inyección SQL en kroax.php en el módulo Kroax (the_kroax) v4.42 y anteriores de PHP-Fusion permite a atacantes remotos ejecutar comandos arbitrarios SQL a través de parámetro category. • https://www.exploit-db.com/exploits/5942 http://securityreason.com/securityalert/4639 http://www.securityfocus.com/bid/29976 https://exchange.xforce.ibmcloud.com/vulnerabilities/43462 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-5074 – PHP-Fusion Mod freshlinks - 'linkid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5074
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter. Vulnerabilidad de inyección SQL en index.php en el módulo Freshlinks v1.0 RC1 para PHP-Fusion permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "linkid". • https://www.exploit-db.com/exploits/6620 http://securityreason.com/securityalert/4594 http://www.securityfocus.com/bid/31469 https://exchange.xforce.ibmcloud.com/vulnerabilities/45504 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-4527 – PHP-Fusion Mod recept - 'kat_id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-4527
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en recept.php en el modulo Recepies (Recept) 1.1 para PHP-Fusion que permite a atacantes remotos ejecutar comandos SQL a su elección a través de el parámetro "kat_id" en una acción Kategorier. NOTA: algunos de estos detalles han sido obtenidos a partir de la información de terceras partes. • https://www.exploit-db.com/exploits/6683 http://secunia.com/advisories/32004 http://securityreason.com/securityalert/4385 http://www.securityfocus.com/bid/31578 https://exchange.xforce.ibmcloud.com/vulnerabilities/45674 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-4521 – PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' SQL Injection
https://notcve.org/view.php?id=CVE-2008-4521
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter. Vulnerabilidad de inyección SQL en el archivo thisraidprogress.php en el módulo World of Warcraft tracker infusion (raidtracker_panel) 2.0 para PHP-Fusion que permite a los atacante remotos ejecutar arbitariamente comandos SQL a través del parámetro INFO_RAID_ID. • https://www.exploit-db.com/exploits/6682 http://securityreason.com/securityalert/4384 http://www.securityfocus.com/bid/31579 https://exchange.xforce.ibmcloud.com/vulnerabilities/45675 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •