Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2380 | 1 Courier-mta | 1 Courtier-authlib | 2025-04-09 | N/A |
| SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes. | ||||
| CVE-2008-2381 | 1 Gforge | 1 Gforge | 2025-04-09 | N/A |
| SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable. | ||||
| CVE-2008-2394 | 1 Tagworx | 1 Tagworx Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php. | ||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2025-04-09 | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2395 | 1 Alkalinephp | 1 Alkalinephp | 2025-04-09 | N/A |
| SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2416 | 1 Fichive | 1 Fichive | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. | ||||
| CVE-2008-2412 | 1 Acgv.free | 1 Acgv News | 2025-04-09 | N/A |
| SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2422 | 1 Webslider | 1 Webslider | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2425 | 1 Fichive | 1 Fichive | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2429 | 1 Calendarix | 1 Basic | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap CVE-2005-1865.2. | ||||
| CVE-2008-2446 | 1 Wgcc | 1 Web Group Communication Center | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php. | ||||
| CVE-2008-2447 | 1 Mytipper | 1 Zogo Shop | 2025-04-09 | N/A |
| SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-2456 | 1 Comicshout | 1 Comicshout | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter. | ||||
| CVE-2008-2457 | 1 Bitmixsoft | 1 Php-jokesite | 2025-04-09 | N/A |
| SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-2453 | 1 Phpclassifiedsscript | 1 Php Classifieds Script | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php. | ||||
| CVE-2008-2455 | 1 E107coders | 1 E107 Blog Engine | 2025-04-09 | N/A |
| SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter. | ||||
| CVE-2008-2454 | 1 Joomla | 1 Com Xsstream-dm | 2025-04-09 | N/A |
| SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php. | ||||
| CVE-2008-2461 | 1 Netious | 1 Netious Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047. | ||||
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | ||||
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||