Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6652 | 1 Insanevisions | 1 Onecms | 2026-04-23 | N/A |
| SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter. | ||||
| CVE-2008-6653 | 3 Joomla, Mambo, Wh-com | 3 Joomla, Mambo, Com Webhosting | 2026-04-23 | N/A |
| SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | ||||
| CVE-2008-6656 | 1 Openautoclassifieds | 1 Open Auto Classifieds | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php. | ||||
| CVE-2009-1263 | 2 Alikonweb, Joomla | 2 Com Bookjoomlas, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | ||||
| CVE-2008-5590 | 1 Kalptaru Infotech | 1 Product Sale Framework | 2026-04-23 | N/A |
| SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. | ||||
| CVE-2009-0428 | 1 Dmxready | 1 Secure Document Library | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-4155 | 1 Eshopbuilder | 1 Eshopbuilde Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote attackers to execute arbitrary SQL commands via the sitebid parameter to (1) home-f.asp and (2) opinions-f.asp; (3) sitebid, (4) id, (5) secText, (6) client-ip, and (7) G_id parameters to more-f.asp; (8) sitebid, (9) id, (10) ma_id, (11) mi_id, (12) secText, (13) client-ip, and (14) G_id parameters to selectintro.asp; (15) sitebid, (16) secText, (17) adv_code, and (18) client-ip parameters to advcount.asp; (19) sitebid, (20) secText, (21) Grp_Code, (22) _method, and (23) client-ip parameters to advview.asp; and (24) sitebid, (25) secText, (26) newsId, and (27) client-ip parameters to dis_new-f.asp. | ||||
| CVE-2008-0880 | 1 Phpnuke | 1 Easycontent Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2008-5974 | 1 Activewebsoftwares | 1 Active Price Comparison | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields. | ||||
| CVE-2008-2778 | 1 Revokesoft | 1 Revokebb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/class_search.php in the Search System in RevokeBB 1.0 RC11 allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-6606 | 1 Matpo | 1 Matpo Link | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6622 | 1 Webbdomian | 1 Post Card | 2026-04-23 | N/A |
| SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | ||||
| CVE-2009-2585 | 1 Mlffat | 1 Mlffat | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731. | ||||
| CVE-2009-2601 | 2 Joomla, Joomlaequipment | 2 Joomla\!, Juser | 2026-04-23 | N/A |
| SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | ||||
| CVE-2009-2604 | 1 Zenhelpdesk | 1 Zen Help Desk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp. | ||||
| CVE-2009-2605 | 1 Traidnt | 1 Traidnt Up | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php. | ||||
| CVE-2009-2608 | 1 Chatelao | 1 Php Address Book | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565. | ||||
| CVE-2009-2612 | 1 Prosmdr | 1 Prosmdr | 2026-04-23 | N/A |
| SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4716 | 1 Phd | 1 Help Desk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||