Export limit exceeded: 20044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19725 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6551 1 Mailmachinepro 1 Mailmachine Pro 2026-04-23 N/A
SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6115 1 Prozilla 1 Hosting Index 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083.
CVE-2008-1890 2 Azrul, Joomla 2 Jom Comment, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2339 1 Turnkeywebtools 1 Sunshop Shopping Cart 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
CVE-2008-4786 1 E107 2 E107, Easyshop Plugin 2026-04-23 N/A
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-5923 1 Asp-dev 1 Xm Events Diary 2026-04-23 N/A
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter.
CVE-2009-0863 1 Matteoiammarrone 1 S-cms 2026-04-23 N/A
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1509 1 Myiosoft 1 Ajaxportal 2026-04-23 N/A
SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2009-0829 1 Andrew Freed 1 Quotebook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2791 1 Kalptaru Infotech 1 Comparison Engine Power Script 2026-04-23 N/A
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6304 1 Xt-commerce 1 Xt-commerce 2026-04-23 N/A
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6111 1 Netart Media 1 Vlog System 2026-04-23 N/A
SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter.
CVE-2008-4884 1 Yourfreeworld 1 Classifieds Hosting Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6873 1 Activewebsoftwares 1 Active Web Mail 2026-04-23 N/A
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
CVE-2008-3054 1 Typo3 1 Branchenbuch Extension 2026-04-23 N/A
SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2789 1 Basic-cms 1 Basic-cms 2026-04-23 N/A
SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2009-0968 2 Fahlstad, Wordpress 2 Fmoblog Plugin, Wordpress 2026-04-23 N/A
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-0394 1 Ple Cms 1 Ple Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.
CVE-2008-6029 1 Buzzywall 1 Buzzywall 2026-04-23 N/A
SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2008-4804 2 Nukedgallery, Phpnuke 2 Gallery, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.