Export limit exceeded: 19622 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19622 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3767 | 1 Smartisoft | 1 Phpbazar | 2026-04-23 | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | ||||
| CVE-2008-3762 | 1 Turnkeywebtools | 1 Php Live Helper | 2026-04-23 | N/A |
| SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php. | ||||
| CVE-2008-3754 | 1 Yourfreeworld | 1 Stylish Text Ads Script | 2026-04-23 | N/A |
| SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3752 | 1 Yourfreeworld | 1 Ad-exchange Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3751 | 1 Yourfreeworld | 1 Short Url And Url Tracker Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3750 | 1 Yourfreeworld | 1 Url Rotator Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3749 | 1 Yourfreeworld | 1 Banner Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1813 | 1 Submitterscript | 1 Submitterscript | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via (1) the uNev parameter (aka the username field) or (2) the uJelszo parameter (aka the Password field). | ||||
| CVE-2008-1909 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2026-04-23 | N/A |
| SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2009-1812 | 1 Collector | 1 Mygesuad | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) budget.php, (4) zahlung.php, or (5) adresse.php in modules/, related to classes/class.perform.php. | ||||
| CVE-2008-2919 | 1 Gryphonllc | 1 Gryphon Gllcts2 | 2026-04-23 | N/A |
| SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter. | ||||
| CVE-2009-1258 | 2 Joomla, Rd-media | 2 Joomla, Com Rdautos | 2026-04-23 | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1247 | 1 Acutecp.rediscussed | 1 Acutecp | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2007-6719 | 1 Inspector It | 1 Wiz-ad | 2026-04-23 | N/A |
| SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2870 | 1 Sharecms | 1 Sharecms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php. | ||||
| CVE-2006-5738 | 1 Punbb | 1 Punbb | 2026-04-23 | 7.2 High |
| Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | ||||
| CVE-2009-2929 | 1 Tgs-cms | 1 Tgs Content Management | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10) default_language, and (11) db_host parameters to cms/index.php; and the (12) cmd, (13) s_dir, (14) minutes, (15) s_mask, (16) test3_mp, (17) test15_file1, (18) submit, (19) brute_method, (20) ftp_server_port, (21) userfile14, (22) subj, (23) mysql_l, (24) action, and (25) userfile1 parameters to cms/frontpage_ception.php. NOTE: some of these parameters may be applicable only in nonstandard versions of the product, and cms/frontpage_ception.php may be cms/frontpage_caption.php in all released versions. | ||||
| CVE-2009-1038 | 1 Yap | 1 Yap Blog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) image_id parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the (2) user parameter in a modif action to admin/index.php. | ||||
| CVE-2009-1034 | 1 Drupal | 1 Tasklist | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI. | ||||