Search Results (19562 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2489 1 Typo3 1 Sg Zfelib 2026-04-23 N/A
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
CVE-2008-2925 1 Valarsoft 1 Webmatic 2026-04-23 N/A
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3748 1 Lbstone 2 Active Php Bookmarks, Apb 2026-04-23 N/A
SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5972 1 Activewebsoftwares 1 Active Business Directory 2026-04-23 N/A
SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-2448 1 Aspindir 1 Meto Forum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid parameter to (c) kategori.asp and (d) admin_kategori.asp; and unspecified parameters to (e) uye.asp and (f) oku.asp.
CVE-2008-2429 1 Calendarix 1 Basic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap CVE-2005-1865.2.
CVE-2008-5977 1 Preprojects 1 Php Jobwebsite Pro 2026-04-23 N/A
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action.
CVE-2007-6583 1 1024 Cms 1 1024 Cms 2026-04-23 N/A
SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.
CVE-2007-6575 1 Brand039 1 Mmslamp 2026-04-23 N/A
SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.
CVE-2007-6491 1 Kvaliitti 1 Webdoc Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp.
CVE-2008-6016 1 Editeurscripts 1 Esfaq 2026-04-23 N/A
SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3952. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2334 1 Aspindir 1 Philboard 2026-04-23 N/A
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0936 1 Xoops 1 Prayer List Module 2026-04-23 N/A
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2008-0934 2 Nukec, Php-nuke 2 Nukec, Nukec Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
CVE-2008-0922 1 Php-nuke 1 Manuales 2026-04-23 N/A
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
CVE-2008-0918 2 Astats, Joomla 2 Astatspro, Com Astatspro 2026-04-23 N/A
SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0427 1 Dmxready 1 Member Directory Manager 2026-04-23 N/A
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0878 1 Runcms 1 Myannonces 2026-04-23 N/A
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2009-0451 1 Skalinks 1 Skalinks 2026-04-23 N/A
SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL commands via the Admin name field to the default URI under admin/.
CVE-2009-2235 1 Yourarticlesdirectory 1 Your Articles Directory 2026-04-23 N/A
SQL injection vulnerability in page.php in Your Articles Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.