Export limit exceeded: 19663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19663 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0333 | 2 Matthias Graubner, Typo3 | 2 Mg Help, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-6127 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. | ||||
| CVE-2007-6128 | 1 Flor De Utopia | 1 Workingonweb | 2026-04-23 | N/A |
| SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter. | ||||
| CVE-2010-0339 | 1 Typo3 | 2 Typo3, Vm19 Userlinks | 2026-04-23 | N/A |
| SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-7040 | 2 Wordpress, Yellowswordfish | 2 Wordpress, Simple Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | ||||
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-7033 | 2 Galore, Joomla | 2 Com Simpleshop, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | ||||
| CVE-2008-7030 | 1 Site2nite | 1 Real Estate Web | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||
| CVE-2008-6889 | 1 Activewebsoftwares | 1 Aspreferral | 2026-04-23 | N/A |
| SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | ||||
| CVE-2008-6867 | 1 Scripts For Sites | 1 Ez Career | 2026-04-23 | N/A |
| SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2008-3310 | 1 Preproject | 1 Pre Survey Poll | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2007-6338 | 1 Trivantis | 1 Coursemill Enterprise Learning Management System | 2026-04-23 | N/A |
| SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6345 | 1 Aurora | 1 Aurora Framework | 2026-04-23 | N/A |
| SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3307 | 1 Youtube Blog | 1 Youtube Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. | ||||
| CVE-2007-6551 | 1 Mailmachinepro | 1 Mailmachine Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-4475 | 2 Joomla, Joomlub | 2 Joomla\!, Com Joomlub | 2026-04-23 | N/A |
| SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php. | ||||
| CVE-2008-6596 | 1 Phpcredo | 1 Phcdownload | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6595 | 1 Typo3 | 1 Pmk Rssnewsexport Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-0377 | 1 Joomla | 2 Com Beamospetition, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | ||||
| CVE-2007-1897 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable. | ||||