Export limit exceeded: 19355 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19355 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6380 | 1 Activewebsoftwares | 1 Active Web Helpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2026-04-23 | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4777 | 2 Joomla, Mambo | 3 Com Lms, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task. | ||||
| CVE-2006-6157 | 1 Michaelis Freunde | 1 Contentnow | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter. | ||||
| CVE-2008-3136 | 1 Ashopsoftware | 1 Ashop Deluxe | 2026-04-23 | N/A |
| SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-4713 | 1 212cafe | 1 212cafeboard | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter. | ||||
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | ||||
| CVE-2007-6163 | 1 Gouae | 1 Dwd Realty | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the pword (aka Password) parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4074 | 1 Zanfi Solutions | 1 Autodealers Cms Autonline | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2009-4474 | 2 Mambo-foundation, Mikedeboer | 2 Mambo, Com Zoom | 2026-04-23 | N/A |
| SQL injection vulnerability in the Mike de Boer zoom (com_zoom) component 2.0 for Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-5561 | 1 Netref | 1 Netref | 2026-04-23 | N/A |
| SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. | ||||
| CVE-2009-4574 | 1 I-escorts | 1 I-escorts Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | ||||
| CVE-2007-6170 | 2 Debian, Digium | 2 Debian Linux, Asterisk | 2026-04-23 | N/A |
| SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments. | ||||
| CVE-2008-3152 | 1 Orbitscripts | 2 Smartppc, Smartppc Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter. | ||||
| CVE-2008-5767 | 1 Gazatem | 1 Gnews Publisher | 2026-04-23 | N/A |
| SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter. | ||||
| CVE-2009-2924 | 1 Videosbroadcastyourself | 1 Videos Broadcast Yourself | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat_id parameter to catvideo.php and (3) uid parameter to cviewchannels.php. | ||||
| CVE-2008-3267 | 1 Mojoscripts | 1 Mojojobs | 2026-04-23 | N/A |
| SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter. | ||||
| CVE-2009-2734 | 1 Achievo | 1 Achievo | 2026-04-23 | N/A |
| SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php. | ||||
| CVE-2008-2411 | 1 Sazcart | 1 Sazcart | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action. | ||||
| CVE-2008-5651 | 1 Myiosoft | 1 Easybookmarker | 2026-04-23 | N/A |
| SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter. | ||||