Search Results (19661 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3083 2 Brightcode, Joomla 2 Brightcode Weblinks Module, Com Brightweblinks 2026-04-23 N/A
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-6907 1 2532gigs 1 2532gigs 2026-04-23 N/A
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php.
CVE-2008-5851 1 Mypbs 1 Mypbs 2026-04-23 N/A
SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to execute arbitrary SQL commands via the seasonID parameter.
CVE-2008-6812 1 Surat Kabar 1 Phpwebnews 2026-04-23 N/A
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
CVE-2008-0451 1 Pacercms 1 Pacercms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/.
CVE-2009-1509 1 Myiosoft 1 Ajaxportal 2026-04-23 N/A
SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-5841 1 Igamingcms 1 Igaming Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
CVE-2008-6517 1 Nick Jenkin 1 Newshowler 2026-04-23 N/A
SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote attackers to execute arbitrary SQL commands via the news_user cookie parameter.
CVE-2008-5737 1 Nodstrum 1 Mysql Calendar 2026-04-23 N/A
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6155 1 Hispah 1 Text Links Ads 2026-04-23 N/A
SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idtl parameter in a buy action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1650 1 Tenfourzero 1 Shutter 2026-04-23 N/A
Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
CVE-2009-1651 1 2daybiz 1 Business Community Script 2026-04-23 N/A
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2009-1655 1 Easy-scripts 1 Answer And Question Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
CVE-2009-1661 1 Anoldman 1 Utopic 2026-04-23 N/A
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
CVE-2008-3039 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-1662 1 Recipescript 1 Recipe Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php.
CVE-2008-3034 1 Rss Aggregator 1 Rss Aggregator 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
CVE-2009-1818 1 Maxcms 1 Maxcms 2026-04-23 N/A
SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote attackers to execute arbitrary SQL commands via an m_username cookie in an add action.
CVE-2009-1819 1 2daybiz 1 Custom T-shirt Design Script 2026-04-23 N/A
SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3722 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.