Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2336 1 68 Classifieds 1 68 Classifieds 2026-04-23 N/A
SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2647 1 Mebiblio 1 Mebiblio 2026-04-23 N/A
SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter.
CVE-2008-2642 1 Kmrg-itb 1 Otomigenx 2026-04-23 N/A
SQL injection vulnerability in login.php in OtomiGenX 2.2 allows remote attackers to execute arbitrary SQL commands via the userAccount parameter (aka the User Name field) to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-2634 1 Bearrivernet.net 1 I-pos Internet Pay Online Store 2026-04-23 N/A
SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter.
CVE-2008-2632 1 Joomla 2 Com Acctexp, Joomla 2026-04-23 N/A
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.
CVE-2007-6143 1 Vu 1 Case Manager 2026-04-23 N/A
SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2007-6137 1 P3mbo 1 Content Injector 2026-04-23 N/A
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2007-6134 1 Phpkit 1 Phpkit 2026-04-23 N/A
SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers to execute arbitrary SQL commands via the contentid parameter in an article action to include.php, a different vector than CVE-2006-1773.
CVE-2007-6091 1 Jiro 1 Banner System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.
CVE-2008-3383 1 Mojoscripts 1 Mojoauto 2026-04-23 N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2007-6035 1 Cacti 1 Cacti 2026-04-23 N/A
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
CVE-2008-2560 1 Fourtwosevenbb 1 427bb 2026-04-23 N/A
SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2008-2447 1 Mytipper 1 Zogo Shop 2026-04-23 N/A
SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-1453 1 Anoochit Chalothorn 1 Tiny Blogr 2026-04-23 N/A
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information.
CVE-2008-2416 1 Fichive 1 Fichive 2026-04-23 N/A
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
CVE-2008-2411 1 Sazcart 1 Sazcart 2026-04-23 N/A
SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action.
CVE-2008-6889 1 Activewebsoftwares 1 Aspreferral 2026-04-23 N/A
SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
CVE-2008-2135 1 Visualshapers 1 Ezcontents 2026-04-23 N/A
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php.
CVE-2008-2132 1 Systementor 1 Postcardmentor 2026-04-23 N/A
SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter.
CVE-2008-2096 1 Backlinkspider 1 Backlink Spider 2026-04-23 N/A
SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.