Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3848 | 1 Pdesigner | 1 Z-breaknews | 2026-04-23 | N/A |
| SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6250 | 1 Comdev | 1 Comdev Web Blogger | 2026-04-23 | N/A |
| SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. | ||||
| CVE-2007-0520 | 1 Unique Ads | 1 Unique Ads | 2026-04-23 | N/A |
| SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter. | ||||
| CVE-2007-0527 | 1 Website Baker | 1 Website Baker | 2026-04-23 | N/A |
| SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the REMEMBER_KEY cookie parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4650 | 1 Mywebland | 1 Myevent | 2026-04-23 | N/A |
| SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter. | ||||
| CVE-2008-4643 | 1 Mywebland | 1 Mystats | 2026-04-23 | N/A |
| SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | ||||
| CVE-2008-3673 | 1 Pozscripts | 1 Classified Ads | 2026-04-23 | N/A |
| SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672. | ||||
| CVE-2008-3670 | 1 Articlefriendly | 1 Article Friendly | 2026-04-23 | N/A |
| SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter. | ||||
| CVE-2007-5131 | 1 Interspire | 1 Activekb Nx | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected. | ||||
| CVE-2008-3489 | 1 Phpx | 1 Phpx | 2026-04-23 | N/A |
| SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie. | ||||
| CVE-2008-3452 | 1 Endonesia | 2 Calendar Module, Endonesia | 2026-04-23 | N/A |
| SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php. | ||||
| CVE-2006-6402 | 1 Mystats | 1 Mystats | 2026-04-23 | N/A |
| SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter. | ||||
| CVE-2009-2290 | 2 Joomla, Kim Eckert | 2 Joomla\!, Com Bsadv | 2026-04-23 | N/A |
| SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php. | ||||
| CVE-2008-4376 | 1 Livetvscript | 1 Live Tv Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2009-2269 | 1 Phome Empire | 1 Phome Empire Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in Empire CMS 5.1 allows remote attackers to execute arbitrary SQL commands via the bid parameter to the default URI under e/tool/gbook/. | ||||
| CVE-2008-4374 | 1 Cmsbuzz | 1 Cms Buzz | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action. | ||||
| CVE-2009-2254 | 1 Zen-cart | 1 Zen Cart | 2026-04-23 | N/A |
| Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a "SQL Execution" issue. | ||||
| CVE-2009-2209 | 1 Rs-cms | 1 Rs-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2009-0965 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2026-04-23 | N/A |
| SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php. | ||||
| CVE-2009-2142 | 1 Zipstore | 1 Zip Store Chat | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store Chat 4.0 and 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) login and (2) senha parameters. | ||||