Export limit exceeded: 19362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19362 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0918 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0936 | 1 Xoops | 1 Prayer List Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | ||||
| CVE-2008-0920 | 1 Open Source Security Information Management | 1 Os-sim | 2026-04-23 | N/A |
| SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression. | ||||
| CVE-2008-0921 | 1 Becontent | 1 Becontent | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in beContent 0.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0922 | 1 Php-nuke | 1 Manuales | 2026-04-23 | N/A |
| SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | ||||
| CVE-2008-0934 | 2 Nukec, Php-nuke | 2 Nukec, Nukec Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action. | ||||
| CVE-2008-0937 | 2 Tinyevent, Xoops | 2 Tinyevent, Tiny Event Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811. | ||||
| CVE-2008-0939 | 1 Wordpress | 1 Photo Album Plugin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2026-04-23 | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | ||||
| CVE-2008-0943 | 1 Aeries | 1 Aeries Student Information System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. | ||||
| CVE-2008-2012 | 1 Postnuke Software Foundation | 1 Postschedule | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | ||||
| CVE-2008-2013 | 1 Pnflashgames | 1 Pnflashgames | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | ||||
| CVE-2008-2023 | 1 Pd9 Software | 1 Megabbs | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp. | ||||
| CVE-2008-2029 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php. | ||||
| CVE-2008-2036 | 1 Dream4 | 1 Koobi | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action. | ||||
| CVE-2009-0111 | 1 Goople Cms | 1 Goople Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | ||||
| CVE-2008-2063 | 1 Joovili | 1 Joovili | 2026-04-23 | N/A |
| SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-2065 | 1 Yourfreeworld | 1 Jokes Site Script | 2026-04-23 | N/A |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | ||||
| CVE-2008-2067 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable. | ||||