Export limit exceeded: 19631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2892 | 1 Scripteen | 1 Free Image Hosting Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in header.php in Scripteen Free Image Hosting Script 2.3 allow remote attackers to execute arbitrary SQL commands via a (1) cookid or (2) cookgid cookie. | ||||
| CVE-2009-2933 | 1 Piwigo | 1 Piwigo | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in Piwigo before 2.0.3 allows remote attackers to execute arbitrary SQL commands via the items_number parameter. | ||||
| CVE-2007-5643 | 1 Lussumo | 1 Vanilla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php. | ||||
| CVE-2008-6378 | 1 Mxmania | 1 Calendar Mx Professional | 2026-04-23 | N/A |
| SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-5213 | 1 Aj Square | 1 Aj Article | 2026-04-23 | N/A |
| SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action. | ||||
| CVE-2008-5222 | 1 Dvbbs | 1 Dvbbs | 2026-04-23 | N/A |
| SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-5226 | 3 Joomla, Mambads, Mambo | 3 Joomla, Mambads, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. | ||||
| CVE-2009-1731 | 1 Mlffat | 1 Mlffat | 2026-04-23 | N/A |
| SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie. | ||||
| CVE-2008-6376 | 1 Nexusjnr | 1 Jbook | 2026-04-23 | N/A |
| SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter). | ||||
| CVE-2008-5292 | 1 Videogirls | 1 Videogirls Biz | 2026-04-23 | N/A |
| SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute arbitrary SQL commands via the type parameter. | ||||
| CVE-2008-5293 | 1 Bdigital Web Solutions | 1 Webstudio Ehotel | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | ||||
| CVE-2008-5294 | 1 Bdigital Web Solutions | 1 Webstudio Ecatalogue | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter. | ||||
| CVE-2008-5295 | 1 Jamit Software | 1 Jamit Job Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 allows remote attackers to execute arbitrary SQL commands via the show_emp parameter. | ||||
| CVE-2009-3082 | 1 Snowhall | 1 Silurus System | 2026-04-23 | N/A |
| SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2004 | 1 Dokeos | 1 Dokeos | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in main/mySpace/myStudents.php in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) student and (2) course parameters, a different vector than CVE-2007-2902. | ||||
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | ||||
| CVE-2009-2014 | 1 Joomla | 2 Com School, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php. | ||||
| CVE-2008-5306 | 1 Pilot Group | 1 Pg Real Estate Solution | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter (username). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5309 | 1 Netart Media | 1 Real Estate Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execute arbitrary SQL commands via the ad_id parameter in the re_send_email module to index.php. | ||||
| CVE-2009-2019 | 1 Virtuenetz | 1 Virtue News Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||