Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19542 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2111 1 Oracle 1 Database Server 2026-04-23 N/A
SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities.
CVE-2007-2113 1 Oracle 1 Database Server 2026-04-23 N/A
SQL injection vulnerability in the Upgrade/Downgrade component (DBMS_UPGRADE_INTERNAL) for Oracle Database 10.1.0.5 allows remote authenticated users to execute arbitrary SQL commands via unknown vectors, aka DB07. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB07 is actually for multiple issues.
CVE-2007-2230 1 Broadcom 1 Cleverpath Portal 2026-04-23 N/A
SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors.
CVE-2008-2753 1 Paridel 1 Pooya Site Builder 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Pooya Site Builder (PSB) 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) xslIdn parameter to (a) utils/getXsl.aspx, and the (2) part parameter to (b) getXml.aspx and (c) getXls.aspx in utils/.
CVE-2008-2755 1 Jamm-media 1 Jamm Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in JAMM CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2567 2 Almondsoft, Joomla 2 Almond Classifieds, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-2763 1 Xigla 1 Absolute Live Support Xe 2026-04-23 N/A
SQL injection vulnerability in search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
CVE-2009-0384 1 Adam Tomecek 1 Ownrs 2026-04-23 N/A
SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2789 1 Basic-cms 1 Basic-cms 2026-04-23 N/A
SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-0498 1 Bigware 1 Bigware Shop 2026-04-23 N/A
SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.
CVE-2008-2793 1 Clip-share 1 Clipshare 2026-04-23 N/A
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2008-2796 1 Freecms.us 1 Freecms 2026-04-23 N/A
SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-3788 1 Picturespro 1 Picturespro Photo Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.
CVE-2007-2571 1 Xoops 1 Wfquotes Module 2026-04-23 N/A
SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action.
CVE-2008-2917 1 Preprojects 1 E-smart Cart 2026-04-23 N/A
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-2921 1 Eztechhelp Company 1 Ezcms 2026-04-23 N/A
SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-4877 1 Mywebcards 1 Webcards 2026-04-23 N/A
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4882 1 Yourfreeworld 1 Autoresponder Hosting Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2964 1 Researchguide 1 Researchguide 2026-04-23 N/A
SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2971 1 Cistyle 1 Ciblog 2026-04-23 N/A
SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.