Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4566 | 1 Zenphoto | 1 Zenphoto | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2326 | 1 Max Kervin | 1 Kervinet Forum | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) an enter_parol cookie to index.php in an auto action or (2) the topic parameter to message.php. NOTE: vector 2 can be leveraged for a cross-site scripting (XSS) attack. | ||||
| CVE-2007-5084 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others. | ||||
| CVE-2008-1406 | 1 Exv2 | 1 Exv2 | 2025-04-09 | N/A |
| SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action. | ||||
| CVE-2008-4044 | 1 Aj Square | 1 Aj Hyip | 2025-04-09 | N/A |
| SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter. | ||||
| CVE-2009-2147 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | N/A |
| SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0157 | 1 Flexbb | 1 Flexbb | 2025-04-09 | N/A |
| SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie. | ||||
| CVE-2008-6802 | 1 Phpexplorer | 1 Phphotogallery | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6322 | 1 Cfmsource | 1 Cfmblog | 2025-04-09 | N/A |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||||
| CVE-2008-4464 | 1 Vastal I-tech | 1 Mag Zone | 2025-04-09 | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-4462 | 1 Vastal I-tech | 1 Visa Zone | 2025-04-09 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-6803 | 1 Yigit Aybuga | 1 Dizi Portali | 2025-04-09 | N/A |
| SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2917 | 1 Preprojects | 1 E-smart Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2003-1573 | 1 Sun | 1 J2ee | 2025-04-09 | N/A |
| The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages." | ||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-6794 | 1 Sfs Ez Pub | 1 Fsf Ex Pub | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-3131 | 1 Powie | 1 Psys | 2025-04-09 | N/A |
| SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter. | ||||
| CVE-2007-4837 | 1 Proxy Anket | 1 Proxy Anket | 2025-04-09 | N/A |
| SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0682 | 1 Wordpress | 1 Wordspew | 2025-04-09 | N/A |
| SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3122 | 1 Xerox | 1 Centreware Web | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors. | ||||