Export limit exceeded: 359669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19502 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19502 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2627 | 1 Joomla | 1 Com Idoblog | 2026-04-23 | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php. | ||||
| CVE-2009-0593 | 1 Plxwebdev | 1 Plx Auto Reminder | 2026-04-23 | N/A |
| SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a newar action. | ||||
| CVE-2007-5973 | 1 Jportal | 1 Jportal Web Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2008-6390 | 1 Ocean12tech | 1 Membership Manager Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6622 | 1 Zeuscms | 1 Zeuscms | 2026-04-23 | N/A |
| SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | ||||
| CVE-2007-6658 | 1 Customcms | 1 Ccms | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page. | ||||
| CVE-2008-6485 | 1 Softcomplex | 1 Php Image Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter. | ||||
| CVE-2009-4339 | 2 Stephan Vits, Typo3 | 2 Mf Subscription, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-5954 | 1 Ktp Computer Customer Database | 1 Ktp Computer Customer Database | 2026-04-23 | N/A |
| SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1404 | 1 Exv2 | 1 Exv2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2008-6481 | 3 Joomla, Joomprod, Mambo-foundation | 3 Joomla, Com Versioning, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | ||||
| CVE-2008-3701 | 1 Kayako | 1 Supportsuite | 2026-04-23 | N/A |
| SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action. | ||||
| CVE-2009-1852 | 1 Graphiks | 1 Myforum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | ||||
| CVE-2009-0534 | 1 Flexcms | 1 Flexcms | 2026-04-23 | N/A |
| SQL injection vulnerability in FlexCMS allows remote attackers to execute arbitrary SQL commands via the catId parameter. | ||||
| CVE-2009-2553 | 1 Supersimple | 1 Super Simple Blog Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in comments.php in Super Simple Blog Script 2.5.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the entry parameter. | ||||
| CVE-2008-4143 | 1 Razorecommerce | 1 Shopping Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in category_search.php in RazorCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1314 | 2 Johannes Hass, Phpnuke | 2 Gaestebuch Module, Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php. | ||||
| CVE-2006-7138 | 1 Oracle | 1 Apex | 2026-04-23 | N/A |
| SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven. | ||||
| CVE-2008-2626 | 1 Battleblog | 1 Battleblog | 2026-04-23 | N/A |
| SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter. | ||||
| CVE-2008-6468 | 1 Dieselscripts | 1 Diesel Pay | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action. | ||||