Export limit exceeded: 19582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19582 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4655 | 1 Typo3 | 2 Simplesurvey, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4642 | 1 Astrospaces | 1 Astrospaces | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | ||||
| CVE-2009-3342 | 2 Alphaplug, Joomla | 2 Com Alphauserpoints, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter. | ||||
| CVE-2008-4897 | 1 Logz | 1 Logz | 2026-04-23 | N/A |
| SQL injection vulnerability in fichiers/add_url.php in Logz podcast CMS 1.3.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the art parameter. | ||||
| CVE-2008-3359 | 1 Owl | 1 Intranet Knowledgebase | 2026-04-23 | N/A |
| SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3351 | 1 Atomphotoblog | 1 Atomphotoblog | 2026-04-23 | N/A |
| SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action. | ||||
| CVE-2008-3341 | 1 Jobbex | 1 Jobsite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3349 | 1 Datavore | 1 Gyro | 2026-04-23 | N/A |
| SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component. | ||||
| CVE-2009-3356 | 1 Plohni | 1 Image Voting | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter. | ||||
| CVE-2009-0768 | 1 Yapbb | 1 Yapbb | 2026-04-23 | N/A |
| SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action. | ||||
| CVE-2008-4569 | 1 Xigla | 1 Absolute Poll Manager Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in xlacomments.asp in XIGLA Software Absolute Poll Manager XE 4.1 allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2009-1952 | 1 Propertymaxpro | 1 Propertymax Pro Free | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2008-3297 | 1 Social Engine | 1 Social Engine | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php. | ||||
| CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | ||||
| CVE-2008-4378 | 1 Mr. Cgi Guy | 1 Hot Links Sql Php | 2026-04-23 | N/A |
| SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4431 | 1 Icebb | 1 Icebb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | ||||
| CVE-2008-3090 | 1 Blognplus | 1 Blognplus | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819. | ||||
| CVE-2009-1913 | 1 Luxbum | 1 Luxbum | 2026-04-23 | N/A |
| SQL injection vulnerability in manager.php in LuxBum 0.5.5, when magic_quotes_gpc is disabled and dotclear authentication is used, allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | ||||
| CVE-2008-4338 | 1 Vacilanda | 1 Brilliant Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in the brilliant_gallery_checklist_save function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliant_gallery" permissions to execute arbitrary SQL commands via the (1) nid, (2) qid, (3) state, and possibly (4) user parameters. | ||||
| CVE-2008-4436 | 1 Bblog | 1 Wbblog | 2026-04-23 | N/A |
| SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | ||||