Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4495 1 Select Development Solutions 1 Php Auto Dealer 2026-04-23 N/A
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
CVE-2008-4463 1 Vastal I-tech 1 Jobs Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2007-6540 1 Neuron 1 News 2026-04-23 N/A
SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/.
CVE-2008-4371 1 Availscript 1 Availscript Article Script 2026-04-23 N/A
SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.
CVE-2008-4357 1 Powie 1 Plink 2026-04-23 N/A
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4043 1 Aj Square 1 Aj Hyip 2026-04-23 N/A
Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow remote attackers to execute arbitrary SQL commands via the artid parameter to (1) acme/article/comment.php and (2) prime/article/comment.php.
CVE-2008-3948 1 Xrms 1 Xrms Crm 2026-04-23 N/A
SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arbitrary SQL commands and modify name and email fields via unspecified vectors.
CVE-2009-2933 1 Piwigo 1 Piwigo 2026-04-23 N/A
SQL injection vulnerability in comments.php in Piwigo before 2.0.3 allows remote attackers to execute arbitrary SQL commands via the items_number parameter.
CVE-2007-5836 1 Afcommerce 1 Afcommerce 2026-04-23 N/A
SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2881 1 Artis.imag 1 Basilic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/.
CVE-2009-4564 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/.
CVE-2009-4569 1 Elkagroup 1 Image Gallery 2026-04-23 N/A
SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/.
CVE-2009-4583 1 Joomla 2 Com Dhforum, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.
CVE-2009-4600 1 Netartmedia 1 Media Real Estate Portal 2026-04-23 N/A
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information.
CVE-2009-4617 1 Tourismscripts 1 Tourism Script Accomodation Hotel Booking Portal Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.
CVE-2009-4621 2 Discuz, Patching 2 Discuz\!, Jianghu Inn 2026-04-23 N/A
SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php.
CVE-2007-5372 2 Dws Systems Inc., Ledgersmb 2 Sql-ledger, Ledgersmb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
CVE-2007-5371 1 Modxcms 1 Modxcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.
CVE-2009-4624 1 Nicecoder 1 Idesk 2026-04-23 N/A
SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843.
CVE-2007-5233 1 Deonixscripts 1 Web Template Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.