Export limit exceeded: 18849 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18849 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4431 | 1 Icebb | 1 Icebb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | ||||
| CVE-2008-0491 | 1 Fgallery Project | 1 Fgallery | 2026-04-23 | N/A |
| SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter. | ||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | ||||
| CVE-2008-3307 | 1 Youtube Blog | 1 Youtube Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. | ||||
| CVE-2008-6372 | 1 Ocean12tech | 1 Faq Manager Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3750 | 1 Yourfreeworld | 1 Url Rotator Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2765 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | ||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | ||||
| CVE-2008-3306 | 1 Youtube Blog | 1 Youtube Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5704 | 1 Codewidgets | 1 Online Event Registration Template | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp. | ||||
| CVE-2008-1631 | 1 Emedia Office Gmbh | 1 Cuteflow | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php. | ||||
| CVE-2008-6350 | 1 Turnkeyforms | 1 Local Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. | ||||
| CVE-2007-5123 | 1 Solidweb | 1 Novus | 2026-04-23 | N/A |
| SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary SQL commands via the nota_id parameter. | ||||
| CVE-2008-3414 | 1 Siteadmin | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter. | ||||
| CVE-2007-6291 | 1 Xigla | 1 Absolute Banner Manager.net | 2026-04-23 | N/A |
| SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manager .NET 4.0 allows remote attackers to execute arbitrary SQL commands via the z parameter. | ||||
| CVE-2008-1911 | 1 1024 Cms | 1 1024 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. | ||||
| CVE-2008-5652 | 1 Myiosoft | 1 Easybookmarker | 2026-04-23 | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2417 | 1 How2asp | 1 Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter. | ||||
| CVE-2008-4376 | 1 Livetvscript | 1 Live Tv Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | ||||