Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0333 2 Matthias Graubner, Typo3 2 Mg Help, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0332 2 Stefan Tannhaeuser, Typo3 2 Tv21 Talkshow, Typo3 2026-04-23 N/A
SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0329 2 Alex Kellner, Typo3 2 Powermail, Typo3 2026-04-23 N/A
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."
CVE-2008-6990 1 Ezphotogallery 1 Ezphotogallery 2026-04-23 N/A
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0324 2 Patrick Bauerochse, Typo3 2 Ref List, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0883 1 Amunak 1 Blue Eye Cms 2026-04-23 N/A
SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter.
CVE-2008-3416 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2008-3414 1 Siteadmin 1 Cms 2026-04-23 N/A
SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter.
CVE-2008-1650 1 Myiosoft 1 Easynews 2026-04-23 N/A
SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action.
CVE-2008-0469 1 Tiger Php News System 1 Tiger Php News System 2026-04-23 N/A
SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action.
CVE-2008-3374 1 Gregarius 1 Gregarius 2026-04-23 N/A
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
CVE-2008-0487 1 The Net Guys 1 Aspired2protect 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-1077 1 Mamboportal.com 1 Simpleboard 2026-04-23 N/A
SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action.
CVE-2008-4303 1 Php-collab 1 Php-collab 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.
CVE-2008-3347 1 Myiosoft 1 Easydynamicpages 2026-04-23 N/A
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter.
CVE-2008-3345 1 Myiosoft 1 Easye-cards 2026-04-23 N/A
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.
CVE-2008-6952 1 Cms.maury91 1 Maurycms 2026-04-23 N/A
SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2008-3307 1 Youtube Blog 1 Youtube Blog 2026-04-23 N/A
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
CVE-2008-3306 1 Youtube Blog 1 Youtube Blog 2026-04-23 N/A
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1094 1 Barracuda Networks 1 Barracuda Spam Firewall 2026-04-23 N/A
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter.