Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1034 1 Php-nuke 1 Emporium Module 2026-04-23 N/A
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2009-0296 1 Gempar 1 Script Toko Online 2026-04-23 N/A
SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2009-0295 1 Itlpoll 1 Itpoll 2026-04-23 N/A
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0287 1 Keep Toolkit 1 Keep Toolkit 2026-04-23 N/A
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
CVE-2009-0284 1 Flaxweb 1 Flax Article Manager 2026-04-23 N/A
SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2003-1573 1 Sun 1 J2ee 2026-04-23 N/A
The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
CVE-2008-6720 1 Deltascripts 1 Php Links 2026-04-23 N/A
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field).
CVE-2008-6697 2 Michael Fritz, Typo3 2 Worldcup, Typo3 2026-04-23 N/A
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6264 1 E-topbiz 1 Slide Popups 2026-04-23 N/A
SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-6696 2 Manu Oehler, Typo3 2 Toto, Typo3 2026-04-23 N/A
SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2007-4845 1 Rwscripts.com 1 Rw Download Lite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter.
CVE-2008-6263 1 Infireal 1 Saturncms 2026-04-23 N/A
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information.
CVE-2008-6695 2 Frank Naegler, Typo3 2 Timtab Sociable, Typo3 2026-04-23 N/A
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2007-4863 1 Quirm 1 Saxon 2026-04-23 N/A
SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter.
CVE-2008-6694 2 Fr.simon Rundell, Typo3 2 Ste Prayer, Typo3 2026-04-23 N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6262 1 Infireal 1 Saturncms 2026-04-23 N/A
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0325 1 Fascript 1 Fapersian Petition 2026-04-23 N/A
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6693 2 Sebastian Baumann, Typo3 2 Sb Downloader, Typo3 2026-04-23 N/A
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6692 2 Fr.simon Rundell, Typo3 2 Pd Trainingcourses, Typo3 2026-04-23 N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6261 1 E-topbiz 1 Admanager 2026-04-23 N/A
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter.