Export limit exceeded: 19646 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2900 1 Phpauction 1 Phpauction 2026-04-23 N/A
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0280 1 Mtcms 1 Mtcms 2026-04-23 N/A
SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter.
CVE-2008-0281 1 Id-commerce 1 Id-commerce 2026-04-23 N/A
SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter.
CVE-2008-2902 1 Alstrasoft 1 Askme Pro 2026-04-23 N/A
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
CVE-2008-0288 1 Imagealbum 1 Imagealbum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action.
CVE-2008-0290 1 Digitalhive 1 Digitalhive 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php.
CVE-2008-0291 1 Hangzhou Rui-qiang 1 Richstrong Cms 2026-04-23 N/A
SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2903 1 Awbs 1 Advanced Webhost Billing System 2026-04-23 N/A
SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter.
CVE-2008-2904 1 Phpmycart 1 Phpmycart 2026-04-23 N/A
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-0301 1 Mapbender 1 Mapbender 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors.
CVE-2008-2906 1 Webchamado 1 Webchamado 2026-04-23 N/A
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.
CVE-2008-2907 1 Webchamado 1 Webchamado 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter.
CVE-2008-2909 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2008-0325 1 Fascript 1 Fapersian Petition 2026-04-23 N/A
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0328 1 Fascript 1 Faname 2026-04-23 N/A
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0353 1 Php-residence 1 Php-residence 2026-04-23 N/A
SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-0355 1 Phpecho Cms 1 Phpecho Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
CVE-2008-0363 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php.
CVE-2008-0383 1 Mybb 1 Mybb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.
CVE-2008-0449 1 Rocksalt International 1 Vp Asp 2026-04-23 N/A
SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.