Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2428 | 1 Torrenttrader | 1 Torrenttrader Classic | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) wantusername parameter to account-signup.php, or the (3) receiver parameter to account-inbox.php in a msg action. | ||||
| CVE-2008-2444 | 1 Calogic | 1 Calogic Calendars | 2025-04-09 | N/A |
| SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter. | ||||
| CVE-2008-2448 | 1 Aspindir | 1 Meto Forum | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid parameter to (c) kategori.asp and (d) admin_kategori.asp; and unspecified parameters to (e) uye.asp and (f) oku.asp. | ||||
| CVE-2008-2757 | 1 Xigla | 1 Absolute News Manager Xe | 2025-04-09 | N/A |
| SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | ||||
| CVE-2009-3718 | 1 Davethewebguy | 1 Battle Blog | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter. | ||||
| CVE-2008-2774 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the category_id parameter, a different vector than CVE-2007-4736. | ||||
| CVE-2008-2775 | 1 Dt Centrepiece | 1 Dt Centrepiece | 2025-04-09 | N/A |
| SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3713 | 1 Morcego | 1 Morcegocms | 2025-04-09 | N/A |
| SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string. | ||||
| CVE-2007-6014 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-09 | N/A |
| SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t_dedupe parameter. | ||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3712 | 1 Ebayclonescript | 1 Ebay Clone | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php. | ||||
| CVE-2009-3697 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | N/A |
| SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters. | ||||
| CVE-2008-3122 | 1 Xerox | 1 Centreware Web | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors. | ||||
| CVE-2009-3665 | 1 Nullam | 1 Nullam Blog | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action. | ||||
| CVE-2008-3131 | 1 Powie | 1 Psys | 2025-04-09 | N/A |
| SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter. | ||||
| CVE-2009-3645 | 2 Joomla, Joomlacache | 2 Joomla\!, Com Cbresumebuilder | 2025-04-09 | N/A |
| SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php. | ||||
| CVE-2009-3118 | 1 Danneo | 1 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | ||||
| CVE-2009-3119 | 2 Php-fusion, X-iweb.ru | 2 Php-fusion, Download System Msf | 2025-04-09 | N/A |
| SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | ||||
| CVE-2009-3632 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2009-3595 | 1 Vspanel | 1 Vs Panel | 2025-04-09 | N/A |
| SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590. | ||||