Search Results (19567 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1613 1 Gowondesigns 1 Leap 2026-04-23 N/A
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
CVE-2008-3783 1 Matterdaddy 1 Matterdaddy Market 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters.
CVE-2008-0139 1 Loudblog 1 Loudblog 2026-04-23 N/A
Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and earlier allows remote attackers to execute arbitrary PHP code via the template parameter.
CVE-2008-3251 1 Tpl Design 1 Tplsoccersite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the opp parameter to tampereunited/opponent.php; or the id parameter to (2) index.php, (3) player.php, (4) matchdetails.php, or (5) additionalpage.php in tampereunited/.
CVE-2008-0510 2 Joomla, Mambo 3 Com Newsletter, Com Newsletter, Mambo 2026-04-23 N/A
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
CVE-2007-0350 1 Sme 1 Filemailer 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already covered by CVE-2007-0346.
CVE-2009-1480 1 Pragyan Cms Project 1 Pragyan Cms 2026-04-23 N/A
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
CVE-2007-6240 1 Snitz Communications 1 Snitz Forums 2000 2026-04-23 N/A
SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter.
CVE-2007-4920 1 Php Webquest 1 Php Webquest 2026-04-23 N/A
SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter.
CVE-2008-2132 1 Systementor 1 Postcardmentor 2026-04-23 N/A
SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter.
CVE-2009-1247 1 Acutecp.rediscussed 1 Acutecp 2026-04-23 N/A
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-2180 1 Cplinks 1 Cplinks 2026-04-23 N/A
Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6148 2 Joomla, Raven-worx 2 Joomla, Liveticker 2026-04-23 N/A
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php.
CVE-2008-2190 1 Romedchim International Srl 1 Online Rent Property Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected.
CVE-2008-2191 1 Postnuke Software Foundation 1 Pnencyclopedia 2026-04-23 N/A
SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and earlier for PostNuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.
CVE-2008-6873 1 Activewebsoftwares 1 Active Web Mail 2026-04-23 N/A
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
CVE-2008-3670 1 Articlefriendly 1 Article Friendly 2026-04-23 N/A
SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.
CVE-2008-3489 1 Phpx 1 Phpx 2026-04-23 N/A
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie.
CVE-2008-3452 1 Endonesia 2 Calendar Module, Endonesia 2026-04-23 N/A
SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.
CVE-2008-3445 1 Phpmyrealty 1 Phpmyrealty 2026-04-23 N/A
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execute arbitrary SQL commands via the location parameter.