Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5766 1 Oracle 1 E-business Suite 2026-04-23 N/A
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure.
CVE-2008-2564 1 Joomla 2 Com Jotloader, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
CVE-2008-2562 1 Powerphlogger 1 Powerphlogger 2026-04-23 N/A
SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action.
CVE-2008-2560 1 Fourtwosevenbb 1 427bb 2026-04-23 N/A
SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2008-3556 1 Haudenschilt 1 Battlenet Clan Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522.
CVE-2008-2556 1 Hessel Brouwer 1 Php Visit Counter 2026-04-23 N/A
SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action.
CVE-2008-2555 1 Easyway 1 Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in EasyWay CMS allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2008-2554 1 Bp Blog 1 Bp Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
CVE-2009-3215 2 Joomla, Php-shop-system 2 Joomla, Ixxo Cart 2026-04-23 N/A
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVE-2007-5719 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php.
CVE-2008-2492 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
CVE-2008-2491 1 Hotscripts 1 Ablespace 2026-04-23 N/A
SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-2489 1 Typo3 1 Sg Zfelib 2026-04-23 N/A
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
CVE-2008-2487 1 Maxsite 1 Maxsite 2026-04-23 N/A
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
CVE-2008-2484 1 Xomol 1 Xomol Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2006-7232 3 Canonical, Mysql, Redhat 3 Ubuntu Linux, Mysql, Enterprise Linux 2026-04-23 N/A
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
CVE-2009-3226 1 Almondsoft 2 Affiliate Network Classifieds, Almond Classifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. NOTE: some of these details are obtained from third party information.
CVE-2008-2479 1 Badongo 1 Phpfix 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php.
CVE-2007-5511 1 Oracle 1 Database Server 2026-04-23 N/A
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.
CVE-2009-2881 1 Artis.imag 1 Basilic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/.