Export limit exceeded: 44417 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6425 | 1 Comicshout | 1 Comicshout | 2025-04-09 | N/A |
| SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456. | ||||
| CVE-2008-6422 | 1 Psychostats | 1 Psychostats | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php. | ||||
| CVE-2008-6414 | 1 Aj Square | 1 Aj Auction | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2008-6405 | 1 Greatclone | 1 Hotscripts Clone | 2025-04-09 | N/A |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2025-04-09 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2008-6392 | 1 1scripts | 1 Z1exchange | 2025-04-09 | N/A |
| SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2025-04-09 | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6579 | 1 Ip Reg | 1 Ip Reg | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. NOTE: it was later reported that the vlanview.php and vlandel.php vectors are also in 0.4. | ||||
| CVE-2008-3038 | 1 Typo3 | 1 Address Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6383 | 1 Drupal | 2 Drupal, Storm | 2025-04-09 | N/A |
| SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6379 | 1 Mxmania | 1 Gallery Mx | 2025-04-09 | N/A |
| SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2025-04-09 | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-6376 | 1 Nexusjnr | 1 Jbook | 2025-04-09 | N/A |
| SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter). | ||||
| CVE-2008-6368 | 1 Chipmunk Scripts | 1 Chipmunk Guestbook | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter. | ||||
| CVE-2009-0295 | 1 Itlpoll | 1 Itpoll | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6371 | 1 Ocean12tech | 1 Membership Manager Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter). | ||||
| CVE-2008-6369 | 1 Ocean12tech | 1 Contact Manager Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. | ||||
| CVE-2009-0292 | 1 Shop-inet | 1 Shop-inet | 2025-04-09 | N/A |
| SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | ||||
| CVE-2008-6366 | 1 Adserversolutions | 1 Affiliate Software Java | 2025-04-09 | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-0350 | 1 Sme | 1 Filemailer | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already covered by CVE-2007-0346. | ||||