Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2562 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-09 | N/A |
| SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action. | ||||
| CVE-2007-4778 | 1 Joomla | 1 Joomla | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777. | ||||
| CVE-2008-3369 | 1 Viart | 1 Viart Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-3378 | 1 Fizzmedia Negativekarma | 1 Fizzmedia | 2025-04-09 | N/A |
| SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2008-3387 | 1 Phpfootball | 1 Phpfootball | 2025-04-09 | N/A |
| SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter. | ||||
| CVE-2008-3343 | 1 Myiosoft | 1 Easypublish | 2025-04-09 | N/A |
| SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action. | ||||
| CVE-2008-3345 | 1 Myiosoft | 1 Easye-cards | 2025-04-09 | N/A |
| SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action. | ||||
| CVE-2008-3352 | 1 Nersoft | 1 Live Music Plus | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action. | ||||
| CVE-2007-6012 | 1 Gatesoft | 1 Docusafe | 2025-04-09 | N/A |
| SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-4762 | 1 E-smart Cart | 1 E-smart Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | ||||
| CVE-2007-5233 | 1 Deonixscripts | 1 Web Template Management System | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action. | ||||
| CVE-2008-4241 | 1 Cj | 1 Ultra Plus | 2025-04-09 | N/A |
| SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie. | ||||
| CVE-2009-4375 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-09 | N/A |
| SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | ||||
| CVE-2009-1734 | 1 Omnisoftsol | 1 Vidsharepro | 2025-04-09 | N/A |
| SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2009-1746 | 1 Diangemilang | 1 Dgnews | 2025-04-09 | N/A |
| SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2009-1778 | 1 Bigace | 1 Bigace Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-1810 | 1 Collector | 1 Mycolex | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) medium.php, (4) person.php, or (5) schlagwort.php in modules/, related to classes/class.perform.php. | ||||
| CVE-2009-1819 | 1 2daybiz | 1 Custom T-shirt Design Script | 2025-04-09 | N/A |
| SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1910 | 1 Rafal Kucharski | 1 Rtwebalbum | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter. | ||||
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | ||||