Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0845 | 2 Jboss, Redhat | 2 Jboss, Enterprise Linux | 2025-04-03 | N/A |
| Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | ||||
| CVE-2006-4734 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL commands via the (1) pid and (2) where parameters. | ||||
| CVE-2006-4736 | 1 Cms.r. | 1 Cms.r. | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allow remote attackers to execute arbitrary SQL commands via the (1) adminname and (2) adminpass parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2003-1458 | 1 Ttcms | 2 Ttcms, Ttforum | 2025-04-03 | N/A |
| SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name. | ||||
| CVE-2005-3325 | 2 Acid, Secureideas | 2 Analysis Console For Intrusion Databases, Basic Analysis And Security Engine | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters. | ||||
| CVE-2002-2252 | 1 Atthat.com | 1 Thatware | 2025-04-03 | N/A |
| SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. | ||||
| CVE-2006-0961 | 1 Cilem | 1 Cilem Haber | 2025-04-03 | N/A |
| SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name. | ||||
| CVE-2006-1978 | 1 Flexbb | 1 Flexbb | 2025-04-03 | N/A |
| SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter. | ||||
| CVE-2005-3046 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-04-03 | N/A |
| SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field. | ||||
| CVE-2005-3686 | 1 Newsboard | 1 Unclassified Newsboard | 2025-04-03 | N/A |
| SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php. | ||||
| CVE-2006-2268 | 1 Flexcustomer | 1 Flexcustomer | 2025-04-03 | N/A |
| SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows remote attackers to bypass authentication and execute arbitrary SQL commands via the admin and ordinary user interface, probably involving the (1) checkuser and (2) checkpass parameters to (a) admin/index.php, and (3) username and (4) password parameters to (b) index.php. NOTE: it was later reported that 0.0.6 is also affected. | ||||
| CVE-2006-0510 | 1 Daffodil Software | 1 Daffodil Crm | 2025-04-03 | N/A |
| SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified parameters in a login action. | ||||
| CVE-2006-1676 | 1 Maxdev | 1 Md-pro | 2025-04-03 | N/A |
| SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a display action, which is not properly handled in PNuserapi.PHP. | ||||
| CVE-2006-1501 | 1 Oneorzero | 1 Oneorzero | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action. | ||||
| CVE-2006-1500 | 1 Tilde | 1 Tilde Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-0772 | 1 Hitachi | 1 Business Logic | 2025-04-03 | N/A |
| SQL injection vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows, and 03-00 through 03-00-/B on Linux, allows remote attackers to execute arbitrary SQL commands via unspecified vectors in the extended receiving box function. | ||||
| CVE-2006-0318 | 1 Insane Visions | 1 Blogphp | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action. | ||||
| CVE-2005-4711 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | N/A |
| SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4617 | 1 Forperfect | 1 Csupport | 2025-04-03 | N/A |
| SQL injection vulnerability in tickets.php in cSupport 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pg parameter. | ||||
| CVE-2005-4315 | 1 Nicplex | 1 Plexcart X3 | 2025-04-03 | N/A |
| SQL injection vulnerability in the search function in Plexum PLEXCART X3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly involving the (1) s_itemname and (2) s_orderby parameters to plexcart.pl. | ||||