Search Results (19569 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0515 2 Joomla, Mambo 2 Musepoes Component, Musepoes Component 2026-04-23 N/A
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2008-0511 2 Joomla, Mambo 2 Com Mamml, Com Mamml 2026-04-23 N/A
SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
CVE-2008-6485 1 Softcomplex 1 Php Image Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter.
CVE-2007-2803 1 Vizayn Urun 1 Tanitim Sitesi 2026-04-23 N/A
SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action.
CVE-2009-0672 1 Ravenphpscripts 1 Ravennuke 2026-04-23 N/A
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
CVE-2008-6487 1 Digiappz 1 Digiaffiliate 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.
CVE-2008-6488 1 Softcomplex 1 Php Image Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
CVE-2009-0808 1 Simple Cmms 1 Simplecmms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0491 1 Fgallery Project 1 Fgallery 2026-04-23 N/A
SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2009-0829 1 Andrew Freed 1 Quotebook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6402 1 Mystats 1 Mystats 2026-04-23 N/A
SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter.
CVE-2009-0111 1 Goople Cms 1 Goople Cms 2026-04-23 N/A
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-1508 1 Keir Davis 1 X-forum 2026-04-23 N/A
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.
CVE-2008-6249 1 Gwm 1 Galatolo Webmanager 2026-04-23 N/A
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6127 1 Project Alumni 1 Project Alumni 2026-04-23 N/A
Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php.
CVE-2008-0360 1 Blog Cms 1 Blog Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php.
CVE-2008-0355 1 Phpecho Cms 1 Phpecho Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
CVE-2008-5311 1 Netart Media 1 Blog System 2026-04-23 N/A
SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1731 1 Mlffat 1 Mlffat 2026-04-23 N/A
SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.
CVE-2008-0328 1 Fascript 1 Faname 2026-04-23 N/A
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.