Search Results (19570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5213 1 Aj Square 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action.
CVE-2006-6848 1 Aspticker 1 Aspticker 2026-04-23 N/A
SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter.
CVE-2008-1715 1 Auracms 1 Auracms 2026-04-23 N/A
SQL injection vulnerability in content/user.php in AuraCMS 2.2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter.
CVE-2007-5452 1 Php-stats 1 Php-stats 2026-04-23 N/A
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
CVE-2007-5458 1 Alorys-hebergement 2 Kwsphp, Newsletter Module 2026-04-23 N/A
SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
CVE-2007-5508 1 Oracle 1 Database Server 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. NOTE: remote unauthenticated attack vectors exist when CTXSYS is used with oracle Application Server.
CVE-2008-1554 1 Topper 1 Toppermod 2026-04-23 N/A
SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism.
CVE-2008-1551 1 Runcms 2 Photo Module, Runcms 2026-04-23 N/A
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-1508 1 Efestech 1 E-kontor 2026-04-23 N/A
SQL injection vulnerability in EfesTech E-Kontör and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3720 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.
CVE-2008-3725 1 Yourfreeworld 1 Ad Board Script 2026-04-23 N/A
SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0358 1 Pixelpost 1 Pixelpost 2026-04-23 N/A
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.
CVE-2007-5630 1 Bbsprocess 1 Bbportals 2026-04-23 N/A
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action.
CVE-2007-5646 1 Simple Machines 1 Simple Machines Forum 2026-04-23 N/A
SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
CVE-2008-1496 1 Peel 1 Peel 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php.
CVE-2008-3750 1 Yourfreeworld 1 Url Rotator Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3754 1 Yourfreeworld 1 Stylish Text Ads Script 2026-04-23 N/A
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3755 1 Yourfreeworld 1 Classifieds 2026-04-23 N/A
SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2008-3756 1 Yourfreeworld 1 Viral Marketing Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3757 1 Yourfreeworld 1 Forced Matrix Script 2026-04-23 N/A
SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter.