Search Results (19541 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3480 2 Isygen, Joomla 2 Icrm Basic, Joomla 2026-04-23 N/A
SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3913 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0381 2 Bazaarbuilder, Joomla 2 Ecommerce Shopping Cart, Joomla 2026-04-23 N/A
SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php.
CVE-2008-1863 1 Prozilla 1 Cheats 2026-04-23 N/A
SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0695 1 Bookmarkx 1 Script 2026-04-23 N/A
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action.
CVE-2008-0424 1 Mooseguy Blog System 1 Mgbs 2026-04-23 N/A
SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) 1.0 allows remote attackers to execute arbitrary SQL commands via the month parameter.
CVE-2008-5928 1 Flds-script 1 Flds 2026-04-23 N/A
SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6373 1 Gestdown 1 Gestdown 2026-04-23 N/A
Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow remote attackers to execute arbitrary SQL commands via the (1) categorie parameter to catdownload.php, or the id parameter to (2) download.php or (3) hitcounter.php.
CVE-2008-1314 2 Johannes Hass, Phpnuke 2 Gaestebuch Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php.
CVE-2008-2781 1 Dzoic 1 Handshakes 2026-04-23 N/A
SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute arbitrary SQL commands via the fname parameter in a members search action.
CVE-2009-2311 2 Selbstzweck, Woltlab 2 Rgallery Plugin, Burning Board 2026-04-23 N/A
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
CVE-2009-4217 2 Itamar Elharar, Joomla 2 Com Musicgallery, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5974 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2007-6576 1 Adultscript 1 Adultscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
CVE-2008-2456 1 Comicshout 1 Comicshout 2026-04-23 N/A
SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter.
CVE-2008-0878 1 Runcms 1 Myannonces 2026-04-23 N/A
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2008-6454 1 6rbscript 1 6rbscript 2026-04-23 N/A
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
CVE-2008-2510 1 Wordpress 1 Upload File Plugin 2026-04-23 N/A
SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter.
CVE-2008-6991 1 Cmsbright 1 Cmsbright 2026-04-23 N/A
SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter.
CVE-2008-3089 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.