Export limit exceeded: 19630 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19630 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2634 | 1 Bearrivernet.net | 1 I-pos Internet Pay Online Store | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter. | ||||
| CVE-2008-3599 | 1 Openimpro | 1 Openimpro | 2026-04-23 | N/A |
| SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6202 | 1 Neocrome | 1 Seditio | 2026-04-23 | N/A |
| SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php. | ||||
| CVE-2007-5991 | 1 Exo | 1 Exophpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action. | ||||
| CVE-2007-5996 | 1 Softbizscripts | 1 Link Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449. | ||||
| CVE-2007-5997 | 1 Softbizscripts | 1 Banner Exchange Network Script | 2026-04-23 | N/A |
| SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-5998 | 1 Softbizscripts | 1 Ad Management Plus Script | 2026-04-23 | N/A |
| SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter. | ||||
| CVE-2008-2642 | 1 Kmrg-itb | 1 Otomigenx | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitrary SQL commands via the userAccount parameter (aka the User Name field) to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5999 | 1 Softbizscripts | 1 Softbiz Auctions Script | 2026-04-23 | N/A |
| SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6004 | 1 Toko | 1 Instan | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action. | ||||
| CVE-2008-2685 | 1 Battleblog | 1 Battleblog | 2026-04-23 | N/A |
| SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626. | ||||
| CVE-2007-6078 | 1 Skyportal | 1 Skyportal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action. | ||||
| CVE-2007-6014 | 1 Beehive Forum | 1 Beehive Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t_dedupe parameter. | ||||
| CVE-2008-3601 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 allows remote attackers to execute arbitrary SQL commands via the forums array parameter in a search action. | ||||
| CVE-2008-3604 | 1 Zeescripts | 1 Zeebuddy | 2026-04-23 | N/A |
| SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | ||||
| CVE-2007-6058 | 1 Profilecms | 1 Profilecms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module. | ||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | ||||
| CVE-2008-2679 | 1 Realm Project | 1 Realm Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the kwrd parameter in a kwl action to the default URI. | ||||
| CVE-2008-6632 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-23 | N/A |
| SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']). | ||||
| CVE-2008-6627 | 1 Webbdomain | 1 Webshop | 2026-04-23 | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||