Export limit exceeded: 357324 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357324 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19355 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19355 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | ||||
| CVE-2008-5737 | 1 Nodstrum | 1 Mysql Calendar | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-0705 | 1 Powerscripts | 1 Powernews | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||
| CVE-2008-4760 | 1 Graphiks | 1 Myforum | 2026-04-23 | N/A |
| SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2556 | 1 Hessel Brouwer | 1 Php Visit Counter | 2026-04-23 | N/A |
| SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action. | ||||
| CVE-2008-6809 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2026-04-23 | N/A |
| SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allows remote attackers to execute arbitrary SQL commands via the HotelID parameter. | ||||
| CVE-2008-1039 | 1 Porar | 1 Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter. | ||||
| CVE-2008-5636 | 1 Lovedesigner | 1 Lito Lite Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-4711 | 1 Joovili | 1 Joovili | 2026-04-23 | N/A |
| SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php. | ||||
| CVE-2008-2865 | 1 Kalptaru Infotech | 1 Php Site Lock | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. | ||||
| CVE-2008-1975 | 1 Cogites | 1 E Reserve | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter. | ||||
| CVE-2008-6596 | 1 Phpcredo | 1 Phcdownload | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6812 | 1 Surat Kabar | 1 Phpwebnews | 2026-04-23 | N/A |
| SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter. | ||||
| CVE-2008-3083 | 2 Brightcode, Joomla | 2 Brightcode Weblinks Module, Com Brightweblinks | 2026-04-23 | N/A |
| SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-2860 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | ||||
| CVE-2009-2929 | 1 Tgs-cms | 1 Tgs Content Management | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TGS Content Management 0.x allow remote attackers to execute arbitrary SQL commands via the (1) tgs_language_id, (2) tpl_dir, (3) referer, (4) user-agent, (5) site, (6) option, (7) db_optimization, (8) owner, (9) admin_email, (10) default_language, and (11) db_host parameters to cms/index.php; and the (12) cmd, (13) s_dir, (14) minutes, (15) s_mask, (16) test3_mp, (17) test15_file1, (18) submit, (19) brute_method, (20) ftp_server_port, (21) userfile14, (22) subj, (23) mysql_l, (24) action, and (25) userfile1 parameters to cms/frontpage_ception.php. NOTE: some of these parameters may be applicable only in nonstandard versions of the product, and cms/frontpage_ception.php may be cms/frontpage_caption.php in all released versions. | ||||
| CVE-2008-2384 | 3 Apache, Joey Schulze, Redhat | 3 Http Server, Mod Auth Mysql, Enterprise Linux | 2026-04-23 | N/A |
| SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. | ||||
| CVE-2008-5578 | 1 Scssboard | 1 Scssboard | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. | ||||
| CVE-2008-1758 | 1 Kwsphp | 1 Kwsphp | 2026-04-23 | N/A |
| SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php. | ||||
| CVE-2008-1968 | 1 Cezannesw | 1 Cezanne | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbitrary SQL commands via the FUNID parameter to (1) CFLookup.asp and (2) CznCommon/CznCustomContainer.asp. | ||||