Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | ||||
| CVE-2008-5212 | 1 Aj Square | 1 Aj Auction | 2025-04-09 | N/A |
| SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2008-3030 | 1 Efes Tech Shop | 1 Efes Tech Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action. | ||||
| CVE-2008-6641 | 1 Aspindir | 1 Shader Tv | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp. | ||||
| CVE-2008-6642 | 1 Dotcontent | 1 Fluentcms | 2025-04-09 | N/A |
| SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3152 | 1 Orbitscripts | 2 Smartppc, Smartppc Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. | ||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2025-04-09 | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | ||||
| CVE-2008-5198 | 1 Vizzed | 1 Acmlmboard | 2025-04-09 | N/A |
| SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 allows remote attackers to execute arbitrary SQL commands via the pow parameter. | ||||
| CVE-2008-5200 | 2 Joomla, Mambo | 3 Com Xewebtv, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2007-6078 | 1 Skyportal | 1 Skyportal | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action. | ||||
| CVE-2007-4653 | 1 Phpbb | 1 Phpbb | 2025-04-09 | N/A |
| SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action. | ||||
| CVE-2007-6266 | 1 Bcoos | 1 Bcoos | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104. | ||||
| CVE-2008-7083 | 1 Revou | 1 Micro Blogging Twitter Clone | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | ||||
| CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2025-04-09 | N/A |
| SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1535 | 1 Matti Kiviharju | 1 Rekry Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. | ||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2025-04-09 | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | ||||
| CVE-2008-6330 | 1 Jaia Interactive | 1 Mytopix | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action. | ||||
| CVE-2009-0373 | 2 Elearningforce, Joomla | 2 Flash Magazine Deluxe, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php. | ||||
| CVE-2007-4762 | 1 E-smart Cart | 1 E-smart Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | ||||
| CVE-2009-2341 | 1 Shalwan | 1 Opial | 2025-04-09 | N/A |
| SQL injection vulnerability in albumdetail.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | ||||