Export limit exceeded: 346619 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18786 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3315 | 1 Nelogic | 1 Nephp Publisher | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field. | ||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | ||||
| CVE-2009-4199 | 3 Joomla, Mambo-foundation, Mamboforge | 3 Joomla\!, Mambo, Com Mosres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. | ||||
| CVE-2007-6586 | 1 Niclor | 1 Niclor | 2026-04-23 | N/A |
| SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | ||||
| CVE-2008-5493 | 1 Phpstore | 2 Wholesale, Wholesales | 2026-04-23 | N/A |
| SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4465 | 1 Vastal I-tech | 1 Dvd Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2009-3061 | 1 Alqa6ari | 1 Script Q R | 2026-04-23 | N/A |
| SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4154 | 1 Living-e | 1 Webedition Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter. | ||||
| CVE-2008-4606 | 1 Ip Reg | 1 Ip Reg | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579. | ||||
| CVE-2008-4659 | 1 Typo3 | 2 Mannschaftsliste, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4203 | 1 Czaries | 1 Czarnews | 2026-04-23 | N/A |
| SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie. | ||||
| CVE-2008-0827 | 1 Phpnuke | 1 Book | 2026-04-23 | N/A |
| SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-2847 | 1 Softdivision | 1 Maxtrade Aoi | 2026-04-23 | N/A |
| SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php. | ||||
| CVE-2008-2891 | 1 Emusoft | 1 Emucms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action. | ||||
| CVE-2009-0333 | 1 Joomla | 2 Com Waticketsystem, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| CVE-2008-2890 | 1 Offl | 1 Online Fantasy Football League | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php. | ||||
| CVE-2008-6810 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allow remote attackers to execute arbitrary SQL commands via the (1) myusername (username) and (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0799 | 2 Joomla, Mambo | 2 Com Quiz, Com Quiz | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. | ||||
| CVE-2008-6241 | 1 China-on-site | 1 Flexphpsite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | ||||
| CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | ||||