Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4148 | 1 Drupal | 1 Mailhandler | 2025-04-09 | N/A |
| SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API. | ||||
| CVE-2008-4145 | 1 Addalink | 1 Addalink | 2025-04-09 | N/A |
| SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-4142 | 1 Ephpscripts | 1 E-php Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in article.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the es_id parameter. | ||||
| CVE-2008-4143 | 1 Razorecommerce | 1 Shopping Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in category_search.php in RazorCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | ||||
| CVE-2007-3119 | 1 Kartli Alisveris Sistemi | 1 Kartli Alisveris Sistemi | 2025-04-09 | N/A |
| SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4090 | 1 Couponscript | 1 Coupon Script | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672. | ||||
| CVE-2008-4088 | 1 Myphpnuke | 1 Myphpnuke | 2025-04-09 | N/A |
| SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2008-4086 | 1 Source Workshop | 1 Reciprocal Links Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | ||||
| CVE-2007-3563 | 1 Avscripts | 1 Av Arcade | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1b allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_page action to index.php. | ||||
| CVE-2008-4084 | 1 Myiosoft | 1 Easyclassifields | 2025-04-09 | N/A |
| SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action. | ||||
| CVE-2008-4078 | 2 Ledgersmb, Sql-ledger | 2 Ledgersmb, Sql-ledger | 2025-04-09 | N/A |
| SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4080 | 1 Stash | 1 Stash | 2025-04-09 | N/A |
| SQL injection vulnerability in Stash 1.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username parameter to admin/library/authenticate.php and the (2) download parameter to downloadmp3.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4055 | 1 Texmedia | 1 Million Pixel Script | 2025-04-09 | N/A |
| SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter. | ||||
| CVE-2008-3965 | 1 Mybb | 1 Mybb | 2025-04-09 | N/A |
| SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field. | ||||
| CVE-2008-3955 | 1 Masir Camp | 1 E-shop Module | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page. | ||||
| CVE-2007-3637 | 1 Mkportal | 1 Mkportal | 2025-04-09 | N/A |
| SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | ||||
| CVE-2007-3652 | 1 Fascript | 1 Faname | 2025-04-09 | 9.8 Critical |
| SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328. | ||||
| CVE-2007-6380 | 1 E-xoops | 1 E-xoops | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections/ratefile.php, and (e) myalbum/ratephoto.php in modules/; the (2) bid parameter to (f) modules/banners/click.php; and the (3) gid parameter to (g) modules/arcade/index.php in a show_stats and play_game action, related issues to CVE-2007-5104 and CVE-2007-6266. | ||||
| CVE-2008-3954 | 1 Alstrasoft | 1 Forum Pay Per Post Exchange | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showcat action. | ||||