Search Results (19570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2886 1 Phpscriptsnow 1 President Bios 2026-04-23 N/A
SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter.
CVE-2009-2891 1 Phpscriptsnow 1 Riddles 2026-04-23 N/A
SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2009-2978 1 Sugarcrm 1 Sugarcrm 2026-04-23 N/A
SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4158 2 Mario Matzulla, Typo3 2 Cal, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Calendar Base (cal) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2850 1 Drupal 1 Trailscout Module 2026-04-23 N/A
SQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
CVE-2008-2846 1 Boatscripts 1 Boatscripts Classifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2008-2845 1 Mybizz-classifieds 1 Mybizz-classifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2834 1 Sidb 1 Scientific Image Database 2026-04-23 N/A
SQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4099 2 G4j.laoneo, Joomla 2 Com Gcalendar, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-4104 2 Joomla, Lyften 2 Joomla\!, Com Lyftenbloggie 2026-04-23 N/A
SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php.
CVE-2009-4046 1 Frontaccounting 1 Frontaccounting 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) bank_accounts.php, (2) currencies.php, (3) exchange_rates.php, (4) gl_account_types.php, and (5) gl_accounts.php in gl/manage/; and (6) audit_trail_db.inc, (7) comments_db.inc, (8) inventory_db.inc, (9) manufacturing_db.inc, and (10) references_db.inc in includes/db/.
CVE-2008-1177 1 Affiliate Market 1 Affiliate Market 2026-04-23 N/A
SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-3913 1 Xerox 1 Fiery Webtools 2026-04-23 N/A
SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter.
CVE-2008-2554 1 Bp Blog 1 Bp Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
CVE-2008-2422 1 Webslider 1 Webslider 2026-04-23 N/A
SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3835 2 Joomla, Whorl Ltd 2 Joomla, Jshop 2026-04-23 N/A
SQL injection vulnerability in the JShop (com_jshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php.
CVE-2025-56216 1 Phpgurukul 1 Hospital Management System 2026-04-22 8.5 High
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.
CVE-2025-56215 1 Phpgurukul 1 Hospital Management System 2026-04-22 6.5 Medium
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter.
CVE-2025-56214 1 Phpgurukul 1 Hospital Management System 2026-04-22 9.8 Critical
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
CVE-2025-57147 1 Phpgurukul 1 Complaint Management System 2026-04-22 7.5 High
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.