Export limit exceeded: 363437 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19724 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19724 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2554 1 Bp Blog 1 Bp Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
CVE-2008-3670 1 Articlefriendly 1 Article Friendly 2026-04-23 N/A
SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.
CVE-2008-2968 1 Yektaweb 1 Academic Web Tools 2026-04-23 N/A
SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-1858 1 724cms 1 724cms 2026-04-23 N/A
SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2009-1508 1 Keir Davis 1 X-forum 2026-04-23 N/A
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.
CVE-2009-3081 1 Uiga 1 Church Portal 2026-04-23 N/A
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the month parameter in a calendar action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2395 2 Joomla, Joomlaworks 2 Joomla\!, Com K2 2026-04-23 N/A
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
CVE-2008-4494 1 Torrenttrader 1 Torrenttrader 2026-04-23 N/A
SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3420 1 Willo 1 Mobius Web Publishing Software 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to browse.php or (2) the s parameter in an exhibitions action to detail.php.
CVE-2008-5004 1 Mywebland 1 Bloggie Lite 2026-04-23 N/A
SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie.
CVE-2008-3599 1 Openimpro 1 Openimpro 2026-04-23 N/A
SQL injection vulnerability in image.php in OpenImpro 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2779 1 Ajsquare 1 Aj Matrix Dna 2026-04-23 N/A
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action.
CVE-2008-6853 1 Netcat 1 Netcat 2026-04-23 N/A
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
CVE-2007-1163 1 Webspell 1 Webspell 2026-04-23 N/A
SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783.
CVE-2009-2585 1 Mlffat 1 Mlffat 2026-04-23 N/A
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
CVE-2008-2642 1 Kmrg-itb 1 Otomigenx 2026-04-23 N/A
SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitrary SQL commands via the userAccount parameter (aka the User Name field) to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6812 1 Surat Kabar 1 Phpwebnews 2026-04-23 N/A
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
CVE-2008-2477 1 Mx-system 1 Mxbb Portal 2026-04-23 N/A
SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2009-2366 1 Datachecknh 2 Forumpal, Forumpal Fe 2026-04-23 N/A
SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information.
CVE-2009-0493 1 Martin Unzner 1 It\!cms 2026-04-23 N/A
SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username.