Export limit exceeded: 363118 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363118 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19662 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0400 | 1 Socialengine | 1 Socialengine | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2009-0407 | 1 Humayun Shabbir | 1 Php-cms Project | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-4620 | 1 Mrbs | 1 Mrbs | 2026-04-23 | N/A |
| SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php. | ||||
| CVE-2008-4621 | 1 Zeescripts | 1 Zeeproperty | 2026-04-23 | N/A |
| SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter. | ||||
| CVE-2008-6805 | 1 Micgr | 1 Mic Blog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php. | ||||
| CVE-2008-1354 | 1 Advanced Data Solutions | 1 Virtual Support Office Xp | 2026-04-23 | N/A |
| SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter. | ||||
| CVE-2008-6301 | 2 Phpbb, Prezmo | 2 Phpbb, Small Shoutbox | 2026-04-23 | N/A |
| SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | ||||
| CVE-2008-6369 | 1 Ocean12tech | 1 Contact Manager Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter. | ||||
| CVE-2008-3403 | 1 Mojoscripts | 1 Mojopersonals | 2026-04-23 | N/A |
| SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-2123 | 1 Elvinbts | 1 Elvinbts | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_bug.php and (c) show_activity.php. NOTE: it was later reported that vector 3c also affects 1.2.2. | ||||
| CVE-2009-2034 | 1 Ricardo Alexandre De Oliveira Staudt | 1 Yogurt | 2026-04-23 | N/A |
| SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, allows remote authenticated users to execute arbitrary SQL commands via the original parameter. | ||||
| CVE-2008-5174 | 1 Easysitenetwork | 1 Jokes Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter. | ||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | ||||
| CVE-2008-5805 | 1 Deltascripts | 1 Php Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828. | ||||
| CVE-2008-0371 | 1 Alilg | 1 Alitalk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) the mohit parameter to (a) inc/receivertwo.php; and allow remote attackers to execute arbitrary SQL commands via (2) the id parameter to (b) inc/usercp.php, related to functionz/usercp.php; or (3) the username parameter to (c) admin/index.php, related to functionz/first_process.php, or (d) index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5806 | 1 Deltascripts | 1 Php Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6202 | 1 Jakob-persson | 1 Cobalt | 2026-04-23 | N/A |
| SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp. | ||||
| CVE-2007-2803 | 1 Vizayn Urun | 1 Tanitim Sitesi | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action. | ||||
| CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | ||||
| CVE-2008-0256 | 1 Matteo Binda | 1 Asp Photo Gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. | ||||