Export limit exceeded: 357559 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19362 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4208 | 1 Open-school | 1 Open-school | 2026-04-23 | N/A |
| SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php. | ||||
| CVE-2008-0498 | 1 Bigware | 1 Bigware Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php. | ||||
| CVE-2008-3212 | 1 Scripteen | 1 Free Image Hosting Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6968 | 1 Pligg | 1 Pligg Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. | ||||
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | ||||
| CVE-2009-4070 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2007-6458 | 1 My123tkshop | 1 E-commerce-suite | 2026-04-23 | N/A |
| SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php. | ||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | ||||
| CVE-2009-0574 | 1 Cafeengine | 1 Easycafeengine | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-4604. | ||||
| CVE-2008-4157 | 1 Vastal | 1 Phpvid | 2026-04-23 | N/A |
| SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | ||||
| CVE-2009-0730 | 3 Gigcalendar, Joomla, Mambo | 3 Com Gigcalendar, Joomla, Mambo | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726. | ||||
| CVE-2008-1039 | 1 Porar | 1 Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter. | ||||
| CVE-2009-3154 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567. | ||||
| CVE-2009-1345 | 1 Cpcommerce | 1 Cpcommerce | 2026-04-23 | N/A |
| SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | ||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-6093 | 1 Noname-cms | 1 Noname Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action. | ||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4901 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-6032 | 1 Wsn | 1 Links | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||