Export limit exceeded: 19631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19631 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2601 2 Joomla, Joomlaequipment 2 Joomla\!, Juser 2026-04-23 N/A
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php.
CVE-2007-1302 1 Li-scripts 1 Li-guestbook 2026-04-23 N/A
SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. NOTE: it was later reported that 1.2 is also affected.
CVE-2009-3190 1 Pad-site-scripts 1 Pad Site Scripts 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php.
CVE-2008-3345 1 Myiosoft 1 Easye-cards 2026-04-23 N/A
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.
CVE-2008-0137 1 Snetworks 1 Php Classifieds 2026-04-23 N/A
PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.
CVE-2009-3184 1 Grapari 1 E-gold Game Series Pirates Of The Caribbean 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the (1) x and (2) y parameters.
CVE-2007-6084 1 Hotscripts 1 Clone Script 2026-04-23 N/A
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2592 1 Phpjunkyard 1 Gbook 2026-04-23 N/A
SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter.
CVE-2008-6202 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp.
CVE-2008-5806 1 Deltascripts 1 Php Classifieds 2026-04-23 N/A
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.
CVE-2010-0341 1 Typo3 2 Bb Simplejobs, Typo3 2026-04-23 N/A
SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3131 1 Powie 1 Psys 2026-04-23 N/A
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
CVE-2008-3306 1 Youtube Blog 1 Youtube Blog 2026-04-23 N/A
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3175 1 Boldfx 1 Model Agency Manager Pro 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allow remote attackers to execute arbitrary SQL commands via the user_id parameter to (1) view.php, (2) photos.php, and (3) motm.php; and the (4) id parameter to forum_message.php.
CVE-2008-5486 1 Turnkeyforms 1 Text Link Sales 2026-04-23 N/A
SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2598 1 Onlinegrades 1 Online Grades 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php.
CVE-2008-0255 1 Igamingcms 1 Igaming Cms 2026-04-23 N/A
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2008-5726 1 Stormboards Aaronnemisis 1 Stormboards 2026-04-23 N/A
SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3561 1 Powergap 1 Shopsystem 2026-04-23 N/A
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter.
CVE-2008-3206 1 Iamilkay 1 Yuhhu Pubs Black Cat 2026-04-23 N/A
SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter.