CVE List by Type: SQL Injection (Filtered by Published Year)

Explore CVEs related to SQL Injection vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.

Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.

You're viewing SQL Injection CVEs published in 2008. View full CVE list

Showing 6180 of 1092 results
«« First « Prev Page 4 / 55 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2008-5595 SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter. 7.5 1.15% 2008-12-16 2026-06-16
CVE-2008-5590 SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. 7.5 0.97% 2008-12-16 2026-06-16
CVE-2008-5589 SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information. 7.5 1.00% 2008-12-16 2026-06-16
CVE-2008-5588 SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. 7.5 0.97% 2008-12-16 2026-06-16
CVE-2008-5586 SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. 6.8 0.95% 2008-12-16 2026-06-16
CVE-2008-5582 SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. 7.5 1.00% 2008-12-15 2026-06-16
CVE-2008-5578 Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. 7.5 1.00% 2008-12-15 2026-06-16
CVE-2008-5574 SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. 7.5 2.35% 2008-12-15 2026-06-16
CVE-2008-5573 SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. 7.5 1.20% 2008-12-15 2026-06-16
CVE-2008-5571 SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information. 7.5 2.37% 2008-12-15 2026-06-16
CVE-2008-5561 SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. 7.5 0.97% 2008-12-15 2026-06-16
CVE-2008-5559 SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. 7.5 1.04% 2008-12-15 2026-06-16
CVE-2008-5496 SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. 7.5 1.19% 2008-12-12 2026-06-16
CVE-2008-5494 SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. 7.5 1.00% 2008-12-12 2026-06-16
CVE-2008-5493 SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.19% 2008-12-12 2026-06-16
CVE-2008-5491 SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter. 7.5 0.97% 2008-12-12 2026-06-16
CVE-2008-5490 SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.15% 2008-12-12 2026-06-16
CVE-2008-5489 SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter. 7.5 1.15% 2008-12-12 2026-06-16
CVE-2008-5488 SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter. 7.5 1.18% 2008-12-12 2026-06-16
CVE-2008-5486 SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter. 7.5 1.04% 2008-12-12 2026-06-16
«« First « Prev Page 4 / 55 Next »
cvelogic Threat Intelligence