Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2063 | 1 Joovili | 1 Joovili | 2025-04-09 | N/A |
| SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2025-04-09 | N/A |
| SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | ||||
| CVE-2008-2996 | 1 Gravityboardx | 1 Gravity Board X | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action. | ||||
| CVE-2008-2916 | 1 Preprojects | 1 Pre Ads Portal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. | ||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | ||||
| CVE-2007-0985 | 1 Phpcc | 1 Phpcc | 2025-04-09 | N/A |
| SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earlier allows remote attackers to execute arbitrary SQL commands via the npid parameter in a sign_gb action. | ||||
| CVE-2008-1934 | 1 Crazy Goomba | 1 Crazy Goomba | 2025-04-09 | N/A |
| SQL injection vulnerability in commentaires.php in Crazy Goomba 1.2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | ||||
| CVE-2008-2845 | 1 Mybizz-classifieds | 1 Mybizz-classifieds | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-1750 | 1 Livecart | 1 Livecart | 2025-04-09 | N/A |
| SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI. | ||||
| CVE-2008-2823 | 1 Phpeasynews | 1 Phpeasyblog | 2025-04-09 | N/A |
| SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | ||||
| CVE-2008-1913 | 1 Lasernet Cms | 1 Lasernet Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action. | ||||
| CVE-2008-0363 | 1 Clever Copy | 1 Clever Copy | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php. | ||||
| CVE-2008-5589 | 1 Katywhitton | 1 Rankem | 2025-04-09 | N/A |
| SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5954 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2025-04-09 | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1774 | 1 Pligg | 1 Pligg Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1859 | 1 Iscripts | 1 Socialware | 2025-04-09 | N/A |
| SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | ||||
| CVE-2008-1911 | 1 1024 Cms | 1 1024 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. | ||||
| CVE-2007-4881 | 1 Psi-labs | 1 Social Networking Script Psisns | 2025-04-09 | N/A |
| SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter. | ||||
| CVE-2007-4894 | 1 Wordpress | 1 Wordpress | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters related to "early database escaping" and missing validation of "query string like parameters." | ||||