Search Results (19635 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6753 1 Silverstripe 1 Silverstripe 2026-04-23 N/A
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
CVE-2008-5069 1 Deeserver 1 Panuwat Promoteweb Mysql 2026-04-23 N/A
SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5289 1 Scripts4you 1 Clean Cms 2026-04-23 N/A
SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5057 1 Aspindir 1 Dizi Portali 2026-04-23 N/A
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5054 1 Develop It Easy 1 Membership System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-3661 2 Blueconstantmedia, Joomla 2 Com Djcatalog, Joomla 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
CVE-2008-6776 1 Scripts-for-sites 1 Ez Hot Or Not 2026-04-23 N/A
SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-6779 1 Phpnuke 2 Php-nuke, Sarkilar Module 2026-04-23 N/A
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
CVE-2008-6780 1 Scripts-for-sites 1 Ez Affiliate 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2009-3974 1 Invisioncommunity 1 Invision Power Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number.
CVE-2008-6781 1 Scripts-for-sites 1 Ez Gaming Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6782 1 Scripts-for-sites 1 Ez Hosting Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2009-3973 1 Turnkeyarcade 1 Turnkey Arcade Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629.
CVE-2008-6783 1 Scripts-for-sites 1 Ez Home Business Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6784 1 Scripts-for-sites 1 Ez Adult Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6787 1 Jeremy Powers 1 Lizardware Cms 2026-04-23 N/A
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user.
CVE-2008-6788 1 Minddezign 1 Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in an info action to index.php.
CVE-2008-6789 1 Minddezign 1 Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
CVE-2008-6794 1 Sfs Ez Pub 1 Fsf Ex Pub 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter.