Export limit exceeded: 19646 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19646 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5589 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1336 | 1 Koobi | 1 Koobi Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122. | ||||
| CVE-2008-1350 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action. | ||||
| CVE-2009-2099 | 2 Ijoomla, Joomla | 2 Com Rssfeeder, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to index.php. | ||||
| CVE-2008-5588 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. | ||||
| CVE-2008-3307 | 1 Youtube Blog | 1 Youtube Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. | ||||
| CVE-2009-2097 | 1 Zokisoft | 1 Zoki Catalog | 2026-04-23 | N/A |
| SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3310 | 1 Preproject | 1 Pre Survey Poll | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-5578 | 1 Scssboard | 1 Scssboard | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. | ||||
| CVE-2008-5571 | 1 Dotnetindex | 1 Professional Download Assistant | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5337 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2026-04-23 | N/A |
| SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5194 | 1 Softvisions Software | 1 Online Booking Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5191 | 1 Seportal | 1 Seportal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php. | ||||
| CVE-2008-5165 | 1 Eticket | 1 Eticket | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php. | ||||
| CVE-2008-5163 | 1 Theratstudios | 1 The Rat Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php. | ||||
| CVE-2008-4159 | 1 Zanfi Solutions | 2 Jaw Portal, Zanfi Cms Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | ||||
| CVE-2008-4157 | 1 Vastal | 1 Phpvid | 2026-04-23 | N/A |
| SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | ||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-5004 | 1 Mywebland | 1 Bloggie Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | ||||
| CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2026-04-23 | N/A |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||