Export limit exceeded: 359321 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19453 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1646 | 2 Arnos Toolbox, Wordpress | 2 Wp-download, Wp Download | 2026-04-23 | N/A |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. | ||||
| CVE-2008-1650 | 1 Myiosoft | 1 Easynews | 2026-04-23 | N/A |
| SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action. | ||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | ||||
| CVE-2008-1990 | 1 Acidcat | 1 Acidcat Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp. | ||||
| CVE-2008-2012 | 1 Postnuke Software Foundation | 1 Postschedule | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | ||||
| CVE-2008-2013 | 1 Pnflashgames | 1 Pnflashgames | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | ||||
| CVE-2008-2023 | 1 Pd9 Software | 1 Megabbs | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp. | ||||
| CVE-2008-2029 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php. | ||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | ||||
| CVE-2008-2063 | 1 Joovili | 1 Joovili | 2026-04-23 | N/A |
| SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-2065 | 1 Yourfreeworld | 1 Jokes Site Script | 2026-04-23 | N/A |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | ||||
| CVE-2008-2083 | 1 Prozilla | 1 Hosting Index | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-2118 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | N/A |
| SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2026-04-23 | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | ||||
| CVE-2008-2189 | 1 Anserv | 1 Auction Xl | 2026-04-23 | N/A |
| SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-2197 | 1 Miniweb2 | 1 Blog Writer | 2026-04-23 | N/A |
| SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php. | ||||
| CVE-2008-3591 | 1 21degrees | 1 Symphony | 2026-04-23 | N/A |
| SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary SQL commands via the sym_auth cookie in a /publish/filemanager/ request to index.php. | ||||
| CVE-2008-2564 | 1 Joomla | 2 Com Jotloader, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | ||||
| CVE-2008-2560 | 1 Fourtwosevenbb | 1 427bb | 2026-04-23 | N/A |
| SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter. | ||||
| CVE-2008-2562 | 1 Powerphlogger | 1 Powerphlogger | 2026-04-23 | N/A |
| SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action. | ||||