Search Results (19568 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4653 1 Xoops 2 Makale, Xoops 2026-04-23 N/A
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4651 1 Jetbox 1 Jetbox Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby parameter to admin/cms/images.php and the (2) nav_id parameter in an editrecord action to admin/cms/nav.php.
CVE-2007-6035 1 Cacti 1 Cacti 2026-04-23 N/A
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
CVE-2008-3383 1 Mojoscripts 1 Mojoauto 2026-04-23 N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2007-6172 1 Wire Plastic Design 1 Wpquiz 2026-04-23 N/A
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
CVE-2008-4169 1 Iscripts 1 Easyindex 2026-04-23 N/A
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
CVE-2008-4642 1 Astrospaces 1 Astrospaces 2026-04-23 N/A
SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.
CVE-2008-4621 1 Zeescripts 1 Zeeproperty 2026-04-23 N/A
SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-4613 1 Portalapp 1 Portalapp 2026-04-23 N/A
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-1496 1 Peel 1 Peel 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php.
CVE-2008-0358 1 Pixelpost 1 Pixelpost 2026-04-23 N/A
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.
CVE-2008-1508 1 Efestech 1 E-kontor 2026-04-23 N/A
SQL injection vulnerability in EfesTech E-Kontör and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1551 1 Runcms 2 Photo Module, Runcms 2026-04-23 N/A
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-1554 1 Topper 1 Toppermod 2026-04-23 N/A
SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism.
CVE-2007-6091 1 Jiro 1 Banner System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.
CVE-2008-4611 1 Php Arsivimiz 1 Php Ziyaretci Defteri 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-4605 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
CVE-2008-1733 2 Joomla, Pragmaticutopia 2 Joomla, Com Puarcade 2026-04-23 N/A
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php.
CVE-2007-5643 1 Lussumo 1 Vanilla 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
CVE-2008-3267 1 Mojoscripts 1 Mojojobs 2026-04-23 N/A
SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.