Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0856 | 1 E-vision | 1 E-vision Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1453 | 1 Anoochit Chalothorn | 1 Tiny Blogr | 2025-04-09 | N/A |
| SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6789 | 1 Minddezign | 1 Photo Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788. | ||||
| CVE-2008-1298 | 2 Kyantonius, Php-nuke | 2 Hadith Module, Hadith Module | 2025-04-09 | N/A |
| SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php. | ||||
| CVE-2008-6653 | 3 Joomla, Mambo, Wh-com | 3 Joomla, Mambo, Com Webhosting | 2025-04-09 | N/A |
| SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-1344 | 1 Myiosoft | 1 Easycalendar | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in a dayview action to plugins/calendar/calendar_backend.php and the (2) page parameter to ajaxp_backend.php. | ||||
| CVE-2009-3226 | 1 Almondsoft | 2 Affiliate Network Classifieds, Almond Classifieds | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3205 | 1 Cbauthority | 1 Cbauthority | 2025-04-09 | N/A |
| SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | ||||
| CVE-2008-2535 | 1 Fkrauthan | 1 Phoenix View Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/. | ||||
| CVE-2007-3884 | 1 Aspindir | 1 Husrevforum | 2025-04-09 | N/A |
| SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected. | ||||
| CVE-2008-2757 | 1 Xigla | 1 Absolute News Manager Xe | 2025-04-09 | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | ||||
| CVE-2008-2774 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the category_id parameter, a different vector than CVE-2007-4736. | ||||
| CVE-2008-3265 | 1 Joomla | 1 Com Dtregister | 2025-04-09 | N/A |
| SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php. | ||||
| CVE-2008-3240 | 1 Alstrasoft | 1 Affiliate Network Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action. | ||||
| CVE-2008-2775 | 1 Dt Centrepiece | 1 Dt Centrepiece | 2025-04-09 | N/A |
| SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3055 | 1 Typo3 | 1 Support View Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1094 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-09 | N/A |
| SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. | ||||
| CVE-2009-1850 | 1 Benjamin Curtis | 1 Phpbugtracker | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2009-3081 | 1 Uiga | 1 Church Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the month parameter in a calendar action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||