Export limit exceeded: 19630 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19630 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0461 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0449 | 1 Rocksalt International | 1 Vp Asp | 2026-04-23 | N/A |
| SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0383 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php. | ||||
| CVE-2008-0363 | 1 Clever Copy | 1 Clever Copy | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php. | ||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | ||||
| CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2026-04-23 | N/A |
| SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2568 | 1 Joomla | 2 Com Simpleshop, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php. | ||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2026-04-23 | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0267 | 1 Eticket | 1 Eticket | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. | ||||
| CVE-2008-2569 | 1 Joomla | 1 Easybook Component | 2026-04-23 | N/A |
| SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php. | ||||
| CVE-2007-6578 | 1 Zeak.net | 1 Php Zlink | 2026-04-23 | N/A |
| SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-0350 | 1 Sme | 1 Filemailer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already covered by CVE-2007-0346. | ||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2026-04-23 | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | ||||
| CVE-2008-2572 | 1 Theflashblog | 1 Flashblog | 2026-04-23 | N/A |
| SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote attackers to execute arbitrary SQL commands via the articulo_id parameter. | ||||
| CVE-2008-2897 | 1 Pagesquid | 1 Pagesquid Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-0262 | 1 Agares Media | 1 Phpautovideo | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter. | ||||
| CVE-2008-2893 | 1 Ajhyip | 1 Aj Square Aj-hyip | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532. | ||||
| CVE-2008-2892 | 2 Feellove, Joomla | 2 Exp Shop Component, Com Expshop | 2026-04-23 | N/A |
| SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php. | ||||
| CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2026-04-23 | N/A |
| SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | ||||
| CVE-2008-2890 | 1 Offl | 1 Online Fantasy Football League | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php. | ||||