Export limit exceeded: 351514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19028 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5704 | 1 Codewidgets | 1 Online Event Registration Template | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp. | ||||
| CVE-2008-6362 | 1 Ezonelink | 1 Multiple Membership Script | 2026-04-23 | N/A |
| SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4623 | 2 Joomla, Martin Diphoorn | 2 Joomla, Com Ds-syndicate | 2026-04-23 | N/A |
| SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php. | ||||
| CVE-2009-2019 | 1 Virtuenetz | 1 Virtue News Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2008-2904 | 1 Phpmycart | 1 Phpmycart | 2026-04-23 | N/A |
| SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-3118 | 1 Danneo | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | ||||
| CVE-2009-2167 | 1 Egyplus | 1 7ammel | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | ||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2026-04-23 | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | ||||
| CVE-2008-4703 | 1 Bosdev | 1 Bosnews | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter. | ||||
| CVE-2008-6261 | 1 E-topbiz | 1 Admanager | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter. | ||||
| CVE-2008-2190 | 1 Romedchim International Srl | 1 Online Rent Property Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected. | ||||
| CVE-2003-1573 | 1 Sun | 1 J2ee | 2026-04-23 | N/A |
| The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages." | ||||
| CVE-2008-3030 | 1 Efes Tech Shop | 1 Efes Tech Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action. | ||||
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | ||||
| CVE-2008-4590 | 1 Stash | 1 Stash | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php. | ||||
| CVE-2008-5365 | 1 Activewebsoftwares | 1 Activevotes | 2026-04-23 | N/A |
| SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | ||||
| CVE-2008-7071 | 1 Chipmunk-scripts | 1 Chipmunk Topsites | 2026-04-23 | N/A |
| SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote attackers to execute arbitrary SQL commands via the username parameter, related to login.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3308 | 1 Fanupdate | 1 Fanupdate | 2026-04-23 | N/A |
| SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter. | ||||
| CVE-2008-6189 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php. | ||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||