Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6787 | 1 Jeremy Powers | 1 Lizardware Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user. | ||||
| CVE-2008-2815 | 1 Mymarket | 1 Mymarket | 2026-04-23 | N/A |
| SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2817 | 1 Nitropowered | 1 Nitro Web Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action. | ||||
| CVE-2009-4470 | 1 Dvbbs | 1 Dvbbs | 2026-04-23 | N/A |
| SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter. | ||||
| CVE-2008-3767 | 1 Smartisoft | 1 Phpbazar | 2026-04-23 | N/A |
| SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter. | ||||
| CVE-2009-3961 | 1 Jos De Ruijter | 1 Superseriousstats | 2026-04-23 | N/A |
| SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "incorrect regexp." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2026-04-23 | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | ||||
| CVE-2008-3124 | 1 Mole Group | 1 Hotel Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter. | ||||
| CVE-2008-6258 | 1 Quadcomm | 1 Q-shop | 2026-04-23 | N/A |
| SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | ||||
| CVE-2008-6260 | 1 Ultrastats | 1 Ultrastats | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter. | ||||
| CVE-2009-3970 | 1 Phpdirsubmit | 1 Php Dir Submit | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP Dir Submit (aka WebsiteSubmitter or Submitter Script) allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action. | ||||
| CVE-2008-3122 | 1 Xerox | 1 Centreware Web | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors. | ||||
| CVE-2009-3971 | 2 Joomla, Jtips | 2 Joomla\!, Com Jtips | 2026-04-23 | N/A |
| SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. | ||||
| CVE-2009-3973 | 1 Turnkeyarcade | 1 Turnkey Arcade Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629. | ||||
| CVE-2008-3089 | 1 Xpoze | 1 Xpoze Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter. | ||||
| CVE-2009-3974 | 1 Invisioncommunity | 1 Invision Power Board | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parameter to admin/applications/core/modules_public/global/lostpass.php. NOTE: on 20090818, the vendor patched 3.0.2 without changing the version number. | ||||
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6405 | 1 Greatclone | 1 Hotscripts Clone | 2026-04-23 | N/A |
| SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-6425 | 1 Comicshout | 1 Comicshout | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456. | ||||
| CVE-2008-6434 | 1 Blueriver | 1 Sava Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter. | ||||