Export limit exceeded: 18857 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18857 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0157 | 1 Flexbb | 1 Flexbb | 2026-04-23 | N/A |
| SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie. | ||||
| CVE-2008-2789 | 1 Basic-cms | 1 Basic-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2008-0219 | 1 Php Webquest | 1 Php Webquest | 2026-04-23 | N/A |
| SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920. | ||||
| CVE-2009-3118 | 1 Danneo | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | ||||
| CVE-2008-0254 | 1 Wavelink Media | 1 Tutorialcms | 2026-04-23 | N/A |
| SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. | ||||
| CVE-2008-0255 | 1 Igamingcms | 1 Igaming Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. | ||||
| CVE-2008-0256 | 1 Matteo Binda | 1 Asp Photo Gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. | ||||
| CVE-2009-3125 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2008-0279 | 1 Xforum | 1 Xforum | 2026-04-23 | N/A |
| SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | ||||
| CVE-2008-0291 | 1 Hangzhou Rui-qiang | 1 Richstrong Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-0614 | 1 Photokorn | 1 Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action. | ||||
| CVE-2008-0616 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2026-04-23 | N/A |
| SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2009-2361 | 1 Osticket | 1 Osticket | 2026-04-23 | N/A |
| SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter. | ||||
| CVE-2008-0649 | 1 Adp | 1 Astanda Directory Project | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | ||||
| CVE-2008-0651 | 1 Pedro Santana Codice | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0653 | 1 Joomla | 1 Com Ynews | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action. | ||||
| CVE-2008-0670 | 1 Joomla | 1 Com Noticias | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action. | ||||
| CVE-2008-0678 | 1 Blogphp | 1 Blogphp | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. | ||||
| CVE-2008-0682 | 1 Wordpress | 1 Wordspew | 2026-04-23 | N/A |
| SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2026-04-23 | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||