Export limit exceeded: 19621 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19621 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3035 | 1 Xchangeboard | 1 Xchangeboard | 2026-04-23 | N/A |
| SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter. | ||||
| CVE-2008-0737 | 1 Shoppingtree | 1 Candypress Store | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter. | ||||
| CVE-2008-2429 | 1 Calendarix | 1 Basic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap CVE-2005-1865.2. | ||||
| CVE-2008-0733 | 1 Cs Team | 1 Counter Strike Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page. | ||||
| CVE-2008-3027 | 1 Vangogh Web Cms | 1 Vangogh Web Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php. | ||||
| CVE-2008-0678 | 1 Blogphp | 1 Blogphp | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. | ||||
| CVE-2008-0651 | 1 Pedro Santana Codice | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0650 | 1 Simple Os Cms | 1 Simple Os Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0507 | 1 Wordpress | 1 Adserve | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-5402 | 1 Layton Technology | 1 Helpbox | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remote authenticated users to execute arbitrary SQL commands via (2) the oldpassword parameter to writepwdenduser.asp, and the sys_request_id parameter to (3) changerequeststatus.asp, (4) editrequestuser.asp, (5) requestcommentsuser.asp, and (6) useractions.asp, different vectors than CVE-2004-2551. | ||||
| CVE-2008-0469 | 1 Tiger Php News System | 1 Tiger Php News System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action. | ||||
| CVE-2008-0461 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0363 | 1 Clever Copy | 1 Clever Copy | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php. | ||||
| CVE-2007-5408 | 1 Cplinks | 1 Cpdynalinks | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | ||||
| CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2026-04-23 | N/A |
| SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0328 | 1 Fascript | 1 Faname | 2026-04-23 | N/A |
| SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0325 | 1 Fascript | 1 Fapersian Petition | 2026-04-23 | N/A |
| SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2909 | 1 Clever Copy | 1 Clever Copy | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter. | ||||
| CVE-2008-2893 | 1 Ajhyip | 1 Aj Square Aj-hyip | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532. | ||||