Export limit exceeded: 19721 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19721 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4576 2 Cmstactics, Joomla 2 Com Beeheard, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
CVE-2008-3387 1 Phpfootball 1 Phpfootball 2026-04-23 N/A
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter.
CVE-2008-3386 1 Alstrasoft 1 Video Share Enterprise 2026-04-23 N/A
SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
CVE-2008-3383 1 Mojoscripts 1 Mojoauto 2026-04-23 N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2008-3382 1 Mojoscripts 1 Mojoclassifieds 2026-04-23 N/A
SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
CVE-2008-3377 1 Brandon Tallent 1 Phptest 2026-04-23 N/A
SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
CVE-2008-3369 1 Viart 1 Viart Shop 2026-04-23 N/A
SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-3359 1 Owl 1 Intranet Knowledgebase 2026-04-23 N/A
SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2915 1 Preprojects 1 Pre Job Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.
CVE-2008-3351 1 Atomphotoblog 1 Atomphotoblog 2026-04-23 N/A
SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action.
CVE-2007-5222 1 Maxdev 1 Mdpro 2026-04-23 N/A
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header.
CVE-2009-1316 1 Abk-soft 1 Ablespace 2026-04-23 N/A
Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php.
CVE-2008-3204 1 E-topbiz 1 Million Pixels 2026-04-23 N/A
SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
CVE-2008-3200 1 Easy-script 1 Avlc Forum 2026-04-23 N/A
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.
CVE-2007-4207 1 Kerberosdev 1 Gallery In A Box 2026-04-23 N/A
SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters.
CVE-2007-2803 1 Vizayn Urun 1 Tanitim Sitesi 2026-04-23 N/A
SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action.
CVE-2010-0334 2 Francisco Cifuentes, Typo3 2 Vote For Tt News, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-1032 1 Yabsoft 1 Advanced Image Hosting Script 2026-04-23 N/A
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2008-3070 1 Mybb 1 Mybb 2026-04-23 N/A
Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
CVE-2009-1026 1 Kimwebsites 1 Kim Websites 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.