SQL Injection に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。
直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。
2008 年に公開され、SQL Injection に分類される CVE を表示しています。 CVE の一覧へ
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2008-5806 | SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information. | 7.5 | 0.93% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5805 | SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828. | 7.5 | 0.44% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5804 | SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | 7.5 | 0.51% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5803 | SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information. | 7.5 | 0.49% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5802 | SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 | 0.49% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5800 | SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 | 0.35% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5798 | SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 | 0.41% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5797 | SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 | 0.41% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5796 | SQL injection vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 | 0.40% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5788 | SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 0.93% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5785 | SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | 7.5 | 0.44% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5782 | SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | 7.5 | 0.44% | 2008-12-31 | 2026-04-23 |
| CVE-2008-5781 | SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter. | 7.5 | 0.52% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5779 | SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 0.44% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5778 | SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | 7.5 | 1.67% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5777 | SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 | 0.41% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5775 | SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 0.41% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5774 | Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp. | 7.5 | 0.48% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5772 | Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp. | 7.5 | 1.00% | 2008-12-30 | 2026-04-23 |
| CVE-2008-5768 | SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 | 0.32% | 2008-12-30 | 2026-04-23 |