Export limit exceeded: 361184 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19557 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3205 | 1 Cbauthority | 1 Cbauthority | 2026-04-23 | N/A |
| SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | ||||
| CVE-2009-3203 | 1 Ajsquare | 1 Aj Auction Pro-oopd | 2026-04-23 | N/A |
| SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1911 | 1 1024 Cms | 1 1024 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. | ||||
| CVE-2008-1763 | 1 Blogator Script | 1 Blogator Script | 2026-04-23 | N/A |
| SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter. | ||||
| CVE-2008-1759 | 2 Jeuxflash, Kwsphp | 2 Jeuxflash Module, Kwsphp | 2026-04-23 | N/A |
| SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922. | ||||
| CVE-2008-1715 | 1 Auracms | 1 Auracms | 2026-04-23 | N/A |
| SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. | ||||
| CVE-2007-2534 | 1 Phphoo3 | 1 Phphoo3 | 2026-04-23 | 9.8 Critical |
| Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use | ||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2026-04-23 | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | ||||
| CVE-2008-3346 | 1 E-topbiz | 1 Shopcart Dx | 2026-04-23 | N/A |
| SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter. | ||||
| CVE-2008-1646 | 2 Arnos Toolbox, Wordpress | 2 Wp-download, Wp Download | 2026-04-23 | N/A |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. | ||||
| CVE-2008-1639 | 1 Neat Web | 1 Neat-web | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Neat weblog 0.2 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a show action, probably related to the showArticle function in lib/lib_article.include.php. | ||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2026-04-23 | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0984 | 1 Aspcode.net | 1 Pollmentor | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp. | ||||
| CVE-2008-1539 | 1 Futurenuke | 1 Php Nuke Platinum | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | ||||
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | ||||
| CVE-2008-3241 | 1 Ultrastats | 1 Ultrastats | 2026-04-23 | N/A |
| SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3240 | 1 Alstrasoft | 1 Affiliate Network Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action. | ||||
| CVE-2008-3238 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php. | ||||
| CVE-2008-3070 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection. | ||||
| CVE-2008-0776 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||