Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4897 | 1 Logz | 1 Logz | 2025-04-09 | N/A |
| SQL injection vulnerability in fichiers/add_url.php in Logz podcast CMS 1.3.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the art parameter. | ||||
| CVE-2009-0968 | 2 Fahlstad, Wordpress | 2 Fmoblog Plugin, Wordpress | 2025-04-09 | N/A |
| SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4877 | 1 Mywebcards | 1 Webcards | 2025-04-09 | N/A |
| SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0934 | 2 Nukec, Php-nuke | 2 Nukec, Nukec Module | 2025-04-09 | N/A |
| SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action. | ||||
| CVE-2009-0963 | 1 Xlinesoft | 1 Phprunner | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php, (2) orders_list.php, (3) users_list.php, and (4) Administrator_list.php. | ||||
| CVE-2008-4768 | 1 Tlm Cms | 1 Tlm Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4765 | 1 Oscommerce | 2 Online Merchant, Poll Booth | 2025-04-09 | N/A |
| SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||
| CVE-2009-0121 | 1 Goople Cms | 1 Goople Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7091 | 1 Pligg | 1 Pligg Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php. | ||||
| CVE-2009-0738 | 1 Frankmancuso | 1 Auth Php | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Auth Php 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters. | ||||
| CVE-2008-0267 | 1 Eticket | 1 Eticket | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. | ||||
| CVE-2006-6747 | 1 Dreaxteam | 1 Xt-news | 2025-04-09 | N/A |
| SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | ||||
| CVE-2008-2384 | 3 Apache, Joey Schulze, Redhat | 3 Http Server, Mod Auth Mysql, Enterprise Linux | 2025-04-09 | N/A |
| SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. | ||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2025-04-09 | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | ||||
| CVE-2009-3252 | 1 Dave Robinson | 1 Rockbandcms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | ||||
| CVE-2008-5779 | 1 Flds Script | 1 Flds | 2025-04-09 | N/A |
| SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6165 | 1 Easy-script | 1 Cspartner | 2025-04-09 | N/A |
| SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters. | ||||
| CVE-2008-6181 | 2 Joomla, Mad4media | 2 Joomla, Com Mad4joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php. | ||||
| CVE-2007-4956 | 1 Kwsphp | 1 Kwsphp | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module. | ||||
| CVE-2008-5954 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2025-04-09 | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||