Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6671 | 1 Instantsoftwares | 1 Dating Site | 2025-04-09 | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | ||||
| CVE-2008-5816 | 1 Ilias | 1 Ilias | 2025-04-09 | N/A |
| SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ref_id parameter. | ||||
| CVE-2007-6170 | 2 Debian, Digium | 2 Debian Linux, Asterisk | 2025-04-09 | N/A |
| SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments. | ||||
| CVE-2007-6217 | 1 Irola | 1 My-time | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6392 | 1 Dominion Web | 1 Dwdirectory | 2025-04-09 | N/A |
| SQL injection vulnerability in DWdirectory 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameter to the /search URI. | ||||
| CVE-2007-6670 | 1 Phpcredo | 1 Phcdownload | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter. | ||||
| CVE-2008-0795 | 3 Joomla, Mambo, Mgfi | 3 Joomla, Mambo, Xfaq | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | ||||
| CVE-2008-0799 | 2 Joomla, Mambo | 2 Com Quiz, Com Quiz | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. | ||||
| CVE-2008-0857 | 1 Woltlab | 1 Burning Board | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page. | ||||
| CVE-2006-7025 | 1 Sangwan Kim | 1 Bookmark4u | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter. | ||||
| CVE-2008-1398 | 1 Auracms | 1 Auracms | 2025-04-09 | N/A |
| SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header. | ||||
| CVE-2008-1406 | 1 Exv2 | 1 Exv2 | 2025-04-09 | N/A |
| SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action. | ||||
| CVE-2008-5841 | 1 Igamingcms | 1 Igaming Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action. | ||||
| CVE-2008-4906 | 2 E107, W1n78 | 2 E107, Lyrics | 2025-04-09 | N/A |
| SQL injection vulnerability in lyrics_song.php in the Lyrics (lyrics_menu) plugin 0.42 for e107 allows remote attackers to execute arbitrary SQL commands via the l_id parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6247 | 1 Scripts-for-sites | 1 Ez Top Sites | 2025-04-09 | N/A |
| SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter. | ||||
| CVE-2008-6776 | 1 Scripts-for-sites | 1 Ez Hot Or Not | 2025-04-09 | N/A |
| SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter. | ||||
| CVE-2008-6991 | 1 Cmsbright | 1 Cmsbright | 2025-04-09 | N/A |
| SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter. | ||||
| CVE-2009-3510 | 1 Dataspheric | 1 Linkspheric | 2025-04-09 | N/A |
| SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter. | ||||