Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6134 1 Phpkit 1 Phpkit 2026-04-23 N/A
SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers to execute arbitrary SQL commands via the contentid parameter in an article action to include.php, a different vector than CVE-2006-1773.
CVE-2008-3383 1 Mojoscripts 1 Mojoauto 2026-04-23 N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2007-6035 1 Cacti 1 Cacti 2026-04-23 N/A
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
CVE-2008-2537 1 Hispah 1 Model Search 2026-04-23 N/A
SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2535 1 Fkrauthan 1 Phoenix View Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/.
CVE-2008-2529 1 Advanced Links Management 1 Advanced Links Management 2026-04-23 N/A
SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter.
CVE-2008-2484 1 Xomol 1 Xomol Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2008-2443 1 Therealestatescript 1 The Real Estate Script 2026-04-23 N/A
SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter.
CVE-2008-2569 1 Joomla 1 Easybook Component 2026-04-23 N/A
SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php.
CVE-2008-2565 1 Php-address Book 1 Php-address Book 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
CVE-2008-2562 1 Powerphlogger 1 Powerphlogger 2026-04-23 N/A
SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action.
CVE-2008-1918 1 Php-fusion 1 Php-fusion 2026-04-23 N/A
SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected.
CVE-2008-1915 1 Devworx 1 Blogworx 2026-04-23 N/A
SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1913 1 Lasernet Cms 1 Lasernet Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action.
CVE-2007-5151 1 Nukescripts 1 Nukesentinel 2026-04-23 N/A
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
CVE-2008-1875 1 Terong 1 Advanced Web Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.
CVE-2008-4883 1 Yourfreeworld 1 Blog Blaster Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0325 1 Fascript 1 Fapersian Petition 2026-04-23 N/A
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1646 2 Arnos Toolbox, Wordpress 2 Wp-download, Wp Download 2026-04-23 N/A
SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter.
CVE-2008-1640 1 Jgs-xa 1 Jgs Treffen 2026-04-23 N/A
SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action.