Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0340 1 Typo3 2 Mjseventpro, Typo3 2026-04-23 N/A
SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0341 1 Typo3 2 Bb Simplejobs, Typo3 2026-04-23 N/A
SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0681 1 Phpshop 1 Phpshop 2026-04-23 N/A
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
CVE-2009-2179 1 W2b 1 Phpdatingclub 2026-04-23 N/A
SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter.
CVE-2008-0682 1 Wordpress 1 Wordspew 2026-04-23 N/A
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0685 1 Itechscripts 1 Itechclassifieds 2026-04-23 N/A
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
CVE-2008-0689 1 Joomla 1 Com Marketplace 2026-04-23 N/A
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
CVE-2008-0692 1 Itechscripts 1 Itechbids 2026-04-23 N/A
SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2007-6580 1 Wallpaper 1 Wallpaper Complete Website 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php.
CVE-2009-1747 1 26thavenue 1 Bspeak 2026-04-23 N/A
SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action.
CVE-2007-6658 1 Customcms 1 Ccms 2026-04-23 N/A
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
CVE-2009-3062 1 Phplivesupport. 1 Phplive\! 2026-04-23 N/A
SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter.
CVE-2007-6719 1 Inspector It 1 Wiz-ad 2026-04-23 N/A
SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2428 1 Tauschregal.de 1 Tausch Ticket Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors.
CVE-2008-5727 1 Netcat 1 Netcat 2026-04-23 N/A
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string.
CVE-2008-0810 2 Joomla, Mambo 2 Com Scheduling Component, Com Scheduling Component 2026-04-23 N/A
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0816 1 Com Sg 1 Com Sg 2026-04-23 N/A
SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.
CVE-2007-6158 1 Proverbs 1 Proverbs Web Calendar 2026-04-23 N/A
Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) loginname (aka Username) and (2) loginpass (aka Password) parameters to caladmin.php.
CVE-2008-0129 1 Siteatschool 1 Siteatschool 2026-04-23 N/A
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter.
CVE-2008-0147 1 Smallnuke 1 Smallnuke 2026-04-23 N/A
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action.