Export limit exceeded: 359063 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19441 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6322 | 1 Cfmsource | 1 Cfmblog | 2026-04-23 | N/A |
| SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||||
| CVE-2008-4765 | 1 Oscommerce | 2 Online Merchant, Poll Booth | 2026-04-23 | N/A |
| SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||
| CVE-2009-3357 | 2 Joomla, Joomlahbs | 2 Joomla, Com Hbssearch | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid parameters to longDesc.php, and the h_id parameter to (4) detail.php, (5) detail1.php, (6) detail2.php, (7) detail3.php, (8) detail4.php, (9) detail5.php, (10) detail6.php, (11) detail7.php, and (12) detail8.php, different vectors than CVE-2008-5865, CVE-2008-5874, and CVE-2008-5875. | ||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | ||||
| CVE-2008-0762 | 1 Joomla | 1 Com Iomezun | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the com_iomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | ||||
| CVE-2008-0937 | 2 Tinyevent, Xoops | 2 Tinyevent, Tiny Event Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811. | ||||
| CVE-2008-6319 | 1 Cfmsource | 1 Cf Calendar | 2026-04-23 | N/A |
| SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | ||||
| CVE-2008-0651 | 1 Pedro Santana Codice | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6327 | 1 Manzovi | 1 Proquiz | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312. | ||||
| CVE-2008-6314 | 1 Phpbb | 2 Phpbb, Tag Board | 2026-04-23 | N/A |
| SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | ||||
| CVE-2008-4782 | 1 Aiocp | 1 Aiocp | 2026-04-23 | N/A |
| SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter. | ||||
| CVE-2008-6312 | 1 Manzovi | 1 Proquiz | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-2754 | 1 Efiction | 1 Efiction | 2026-04-23 | N/A |
| SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter. | ||||
| CVE-2008-6311 | 1 Butterflymedia | 1 Butterfly Organizer | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name. | ||||
| CVE-2008-7153 | 1 Docebo | 1 Docebo | 2026-04-23 | N/A |
| SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. | ||||
| CVE-2008-6276 | 2 Drupal, Joomla | 2 User Karma Module, Joomla\! | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary SQL commands via (1) a content type or (2) a voting API value. | ||||
| CVE-2008-7116 | 1 Webidsupport | 1 Webid | 2026-04-23 | N/A |
| SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | ||||
| CVE-2008-2753 | 1 Paridel | 1 Pooya Site Builder | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) xslIdn parameter to (a) utils/getXsl.aspx, and the (2) part parameter to (b) getXml.aspx and (c) getXls.aspx in utils/. | ||||
| CVE-2008-6303 | 1 Toursmanager | 1 Tours Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter. | ||||
| CVE-2009-0445 | 1 Dreampics | 1 Gallery Builder | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Dreampics Gallery Builder allows remote attackers to execute arbitrary SQL commands via the exhibition_id parameter in a gallery.viewPhotos action. | ||||