Export limit exceeded: 18852 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18852 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2607 | 2 Joomla, Pinme | 2 Joomla, Com Pinboard | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | ||||
| CVE-2009-2097 | 1 Zokisoft | 1 Zoki Catalog | 2026-04-23 | N/A |
| SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4200 | 2 Joomla, Vollmar | 2 Joomla\!, Com Seminar | 2026-04-23 | N/A |
| SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php. | ||||
| CVE-2008-6457 | 2 Typo3, Walnutstreet | 2 Typo3, Cgswigmore | 2026-04-23 | N/A |
| SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-0802 | 2 Joomla, Mediaslide | 2 Com Mediaslide, Com Mediaslide | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action. | ||||
| CVE-2009-4208 | 1 Open-school | 1 Open-school | 2026-04-23 | N/A |
| SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php. | ||||
| CVE-2009-1410 | 1 Opensolution | 1 Quick.cms.lite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2339 | 1 Rentventory | 1 Rentventory | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter. | ||||
| CVE-2008-2963 | 1 Myblog | 1 Myblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php. | ||||
| CVE-2009-1910 | 1 Rafal Kucharski | 1 Rtwebalbum | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter. | ||||
| CVE-2009-0339 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action. | ||||
| CVE-2008-6263 | 1 Infireal | 1 Saturncms | 2026-04-23 | N/A |
| SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2223 | 1 Buyscripts | 1 Vshare Youtube Clone | 2026-04-23 | N/A |
| SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||||
| CVE-2007-5150 | 1 Nukescripts | 1 Nukesentinel | 2026-04-23 | N/A |
| SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. | ||||
| CVE-2009-3970 | 1 Phpdirsubmit | 1 Php Dir Submit | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP Dir Submit (aka WebsiteSubmitter or Submitter Script) allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action. | ||||
| CVE-2008-3212 | 1 Scripteen | 1 Free Image Hosting Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2047 | 1 Aspindir | 1 Angelo-emlak | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | ||||
| CVE-2008-7040 | 2 Wordpress, Yellowswordfish | 2 Wordpress, Simple Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect. | ||||
| CVE-2007-5991 | 1 Exo | 1 Exophpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action. | ||||
| CVE-2007-6362 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action. | ||||