Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0968 2 Fahlstad, Wordpress 2 Fmoblog Plugin, Wordpress 2026-04-23 N/A
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-1975 1 Cogites 1 E Reserve 2026-04-23 N/A
SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter.
CVE-2008-5798 1 Typo3 2 Cms Poll System Extension, Typo3 2026-04-23 N/A
SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5816 1 Ilias 1 Ilias 2026-04-23 N/A
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ref_id parameter.
CVE-2008-5890 1 Injader 1 Injader 2026-04-23 N/A
SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5934 1 Cmsisweb 1 Cms Isweb 2026-04-23 N/A
SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter.
CVE-2008-5950 1 Aspapps 1 Template Creature 2026-04-23 N/A
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter.
CVE-2008-7145 1 Coronamatrix 1 Phpaddressbook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
CVE-2008-5975 1 Activewebsoftwares 1 Active Price Comparison 2026-04-23 N/A
SQL injection vulnerability in links.asp in Active Price Comparison 4.0 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4620 1 Mrbs 1 Mrbs 2026-04-23 N/A
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
CVE-2008-0428 1 Bloofoxcms 1 Bloofoxcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php.
CVE-2008-2815 1 Mymarket 1 Mymarket 2026-04-23 N/A
SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2817 1 Nitropowered 1 Nitro Web Gallery 2026-04-23 N/A
SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action.
CVE-2008-1354 1 Advanced Data Solutions 1 Virtual Support Office Xp 2026-04-23 N/A
SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter.
CVE-2009-4470 1 Dvbbs 1 Dvbbs 2026-04-23 N/A
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter.
CVE-2008-1350 1 Fully Modded Phpbb 1 Fully Modded Phpbb 2026-04-23 N/A
SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action.
CVE-2008-2113 1 Phpeasydata 1 Phpeasydata 2026-04-23 N/A
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-2065 1 Yourfreeworld 1 Jokes Site Script 2026-04-23 N/A
SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter.
CVE-2008-4606 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
CVE-2008-2047 1 Aspindir 1 Angelo-emlak 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp.