Export limit exceeded: 19027 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19027 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2179 | 1 W2b | 1 Phpdatingclub | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter. | ||||
| CVE-2008-6149 | 2 Joomla, Joomlaapps | 2 Joomla, Com Mdigg | 2026-04-23 | N/A |
| SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php. | ||||
| CVE-2009-2209 | 1 Rs-cms | 1 Rs-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2009-2885 | 1 Phpscriptsnow | 1 World\'s Tallest Buildings | 2026-04-23 | N/A |
| SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter. | ||||
| CVE-2008-6179 | 1 Indexscript | 1 Indexscript | 2026-04-23 | N/A |
| SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter, a different vector than CVE-2007-4069. | ||||
| CVE-2008-4881 | 1 Yourfreeworld | 1 Reminder Service Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2164 | 1 Kjtechforce | 1 Mailman | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php. | ||||
| CVE-2008-2999 | 1 Drupal | 2 Aggregation Module, Drupal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2892 | 2 Feellove, Joomla | 2 Exp Shop Component, Com Expshop | 2026-04-23 | N/A |
| SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php. | ||||
| CVE-2008-3123 | 1 Mole Group | 1 Real Estate Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | ||||
| CVE-2008-3867 | 1 Cce-interact | 1 Interact | 2026-04-23 | N/A |
| SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter. | ||||
| CVE-2009-2775 | 1 Phparcadescript | 1 Phparcadescript | 2026-04-23 | N/A |
| SQL injection vulnerability in linkout.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2152 | 1 Isabela Gasparini | 1 Adaptweb | 2026-04-23 | N/A |
| SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action. | ||||
| CVE-2009-2154 | 1 Sappy.dk | 1 Impleo Music Collection | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-2157 | 1 Torrenttrader | 1 Torrenttrader Classic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to execute arbitrary SQL commands via (1) the origmsg parameter to account-inbox.php; the categ parameter to (2) delreq.php and (3) admin-delreq.php; (4) the choice parameter to index.php; (5) the id parameter to modrules.php in an edited (aka edit) action; the (6) user, (7) torrent, (8) forumid, and (9) forumpost parameters to report.php; (10) the delmp parameter to take-deletepm.php; (11) the delreport parameter to takedelreport.php; (12) the delreq parameter to takedelreq.php; (13) the clases parameter to takestaffmess.php; and (14) the warndisable parameter to takewarndisable.php; and allow remote attackers to execute arbitrary SQL commands via (15) the wherecatin parameter to browse.php, (16) the limit parameter to today.php, and (17) the where parameter to torrents-details.php. | ||||
| CVE-2008-3025 | 1 Plx Web Studio | 1 Plx Ad Trader | 2026-04-23 | N/A |
| SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action. | ||||
| CVE-2008-1349 | 1 Exv2 | 2 Bamagalerie, Exv2 | 2026-04-23 | N/A |
| SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-2144 | 3 Edgewall, Firestats, Wordpress | 3 Firestats, Firestats, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-2776 | 1 Sellatsite.com | 1 Smart Asp Survey | 2026-04-23 | N/A |
| SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-6329 | 1 Preproject | 1 Pre Asp Job Board | 2026-04-23 | N/A |
| SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information. | ||||