Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2484 | 1 Xomol | 1 Xomol Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2008-5486 | 1 Turnkeyforms | 1 Text Link Sales | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5490 | 1 Phpstore | 1 Yahoo Answers | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2380 | 1 Courier-mta | 1 Courtier-authlib | 2026-04-23 | N/A |
| SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes. | ||||
| CVE-2008-4736 | 1 Aves | 1 Rpg Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter. | ||||
| CVE-2008-2384 | 3 Apache, Joey Schulze, Redhat | 3 Http Server, Mod Auth Mysql, Enterprise Linux | 2026-04-23 | N/A |
| SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. | ||||
| CVE-2008-2393 | 1 Entertainmentscript | 1 Entertainmentscript | 2026-04-23 | N/A |
| SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4757 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php. | ||||
| CVE-2009-1746 | 1 Diangemilang | 1 Dgnews | 2026-04-23 | N/A |
| SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-2447 | 1 Mytipper | 1 Zogo Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-1453 | 1 Anoochit Chalothorn | 1 Tiny Blogr | 2026-04-23 | N/A |
| SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1741 | 1 Dutchmonkey | 1 Dm Filemanager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | ||||
| CVE-2008-2412 | 1 Acgv.free | 1 Acgv News | 2026-04-23 | N/A |
| SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2417 | 1 How2asp | 1 Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter. | ||||
| CVE-2008-4760 | 1 Graphiks | 1 Myforum | 2026-04-23 | N/A |
| SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1584 | 1 R020 | 1 Tematres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php. | ||||
| CVE-2008-2443 | 1 Therealestatescript | 1 The Real Estate Script | 2026-04-23 | N/A |
| SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter. | ||||
| CVE-2009-0431 | 1 Codefixer | 1 Linkspro | 2026-04-23 | N/A |
| SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter. | ||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2007-1163 | 1 Webspell | 1 Webspell | 2026-04-23 | N/A |
| SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783. | ||||