Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2029 1 Minibb 1 Minibb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
CVE-2009-4217 2 Itamar Elharar, Joomla 2 Com Musicgallery, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3845 1 Craftysyntax 1 Crafty Syntax Live Help 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
CVE-2007-6518 1 Woltlab 1 Burning Board Lite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.
CVE-2007-5912 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2008-2093 3 Joomla, Joomlapolis, Mambo 3 Com Comprofiler, Community Builder, Com Comprofiler 2026-04-23 N/A
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.
CVE-2008-2094 1 Xoops 1 Article Module 2026-04-23 N/A
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2095 3 Joomla, Mambo, Page-flip-tools 3 Com Flippingbook, Com Flippingbook, Flipping Book 2026-04-23 N/A
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-6873 1 Activewebsoftwares 1 Active Web Mail 2026-04-23 N/A
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
CVE-2008-2113 1 Phpeasydata 1 Phpeasydata 2026-04-23 N/A
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-1350 1 Fully Modded Phpbb 1 Fully Modded Phpbb 2026-04-23 N/A
SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action.
CVE-2008-1354 1 Advanced Data Solutions 1 Virtual Support Office Xp 2026-04-23 N/A
SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter.
CVE-2007-5719 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php.
CVE-2007-5688 3 Invision Power Services, Phpbb, Sebflipper 3 Invision Power Board, Phpbb, Multi-forums Module 2026-04-23 N/A
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
CVE-2007-5679 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
CVE-2008-3757 1 Yourfreeworld 1 Forced Matrix Script 2026-04-23 N/A
SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3756 1 Yourfreeworld 1 Viral Marketing Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3755 1 Yourfreeworld 1 Classifieds 2026-04-23 N/A
SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2008-3754 1 Yourfreeworld 1 Stylish Text Ads Script 2026-04-23 N/A
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3750 1 Yourfreeworld 1 Url Rotator Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter.