CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-6641 – Shader TV (Beta) - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2008-6641
07 Apr 2009 — Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp. Múltiples vulnerabilidades de inyección SQL en Shader TV (Beta) permite a administrador remotos autenticados ejecutar comandos SQL de forma arbitraria a través del pa... • https://www.exploit-db.com/exploits/5564 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2009-0447 – MyDesing Sayac 2.0 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2009-0447
05 Feb 2009 — Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de inyección SQL en default.asp en MyDesign Sayac v2.0, permite a atacantes remotos ejecutar comandos SQL de su elección a través ... • https://www.exploit-db.com/exploits/7963 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-5707 – ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5707
23 Dec 2008 — SQL injection vulnerability in urunler.asp in Iltaweb Alisveris Sistemi allows remote attackers to execute arbitrary SQL commands via the catno parameter. Vulnerabilidad de inyección SQL en urunler.asp en Iltaweb Alisveris Sistemi permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro catno. • https://www.exploit-db.com/exploits/32485 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-5057 – Dizi Portali - 'film.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2008-5057
13 Nov 2008 — SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inyección SQL en film.asp en Yigit Aybuga Dizi Portali permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro film. NOTA: el origen de esta información es desconocido; los detalles se han obtenido... • https://www.exploit-db.com/exploits/32577 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-4573 – MunzurSoft Wep Portal W3 - 'kat' SQL Injection
https://notcve.org/view.php?id=CVE-2008-4573
15 Oct 2008 — SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. Vulnerabilidad de inyección SQL en kategori.asp de MunzurSoft Wep Portal W3 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro kat. • https://www.exploit-db.com/exploits/6725 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2008-4574 – Ayco Okul Portali - 'linkid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-4574
15 Oct 2008 — SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. Vulnerabilidad de inyección SQL en default.asp en Ayco Okul Portali permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro linkid. • https://www.exploit-db.com/exploits/6720 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2008-3888 – MiniNuke 2.1 - 'uid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-3888
02 Sep 2008 — SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. Vulnerabilidad de inyección SQL en members.asp de Mini-NUKE Freehost 2.3, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro uid en una acción member_details. • https://www.exploit-db.com/exploits/5187 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2008-3495 – Pcshey Portal - 'kategori.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2008-3495
06 Aug 2008 — SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. Vulnerabilidad de inyección SQL en kategori.asp de Pcshey Portal permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro kid. • https://www.exploit-db.com/exploits/32151 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-2872 – shibby shop 2.2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-2872
26 Jun 2008 — SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. Vulnerabilidad de inyección SQL en default.asp in sHibby sHop 2.2 y versiones anteriores, permite a atacantes remotos ejecutar comandos SQL arbitrariamente a través del parámetro sayfa. • https://www.exploit-db.com/exploits/5895 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2008-2873 – shibby shop 2.2 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-2873
26 Jun 2008 — sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. sHibby sHop 2.2 y versiones anteriores, almacena información sensible bajo la raíz web con controles de acceso insuficientes, lo cual permite a atacantes remotos descargarse una base de datos a través de una petición directa a Db/urun.mdb. • https://www.exploit-db.com/exploits/5895 • CWE-264: Permissions, Privileges, and Access Controls •