Export limit exceeded: 19562 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19562 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3334 2 Joomla, Lhacky 2 Joomla\!, Com Jinc 2026-04-23 N/A
SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
CVE-2009-3327 1 Webilix 1 Wx-guestbook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the (1) QUERY parameter to search.php and (2) USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information.
CVE-2009-3316 2 Jforjoomla, Joomla 2 Com Jreservation, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
CVE-2009-3313 1 Fmyclone 1 Fmyclone 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php.
CVE-2007-5068 1 Phpfullannu 1 Phpfullannu 2026-04-23 N/A
SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
CVE-2008-3341 1 Jobbex 1 Jobsite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3359 1 Owl 1 Intranet Knowledgebase 2026-04-23 N/A
SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1982 1 Wordpress 2 Wordpress, Wpss 2026-04-23 N/A
SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
CVE-2008-2556 1 Hessel Brouwer 1 Php Visit Counter 2026-04-23 N/A
SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action.
CVE-2009-1256 1 Flexcms 1 Flexcms 2026-04-23 N/A
SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-2167 1 Egyplus 1 7ammel 2026-04-23 N/A
Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.
CVE-2008-1316 1 Qt-cute 1 Quicktalk Forum 2026-04-23 N/A
SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickTalk Forum 1.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2423 1 Ebayclonescript 1 Ebay Clone 2026-04-23 N/A
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
CVE-2008-1714 1 Fascript 1 Faphoto 2026-04-23 N/A
SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4895 1 Yourfreeworld 1 Downline Builder Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2242 1 Aaronoutpost 1 Asp Inline Corporate Calendar 2026-04-23 N/A
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the order parameter.
CVE-2008-5573 1 Adcomplete 1 Poll Pro 2026-04-23 N/A
SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters.
CVE-2008-4806 1 Ibm 1 Lotus Connections 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via the sortField parameter to unspecified components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4804 2 Nukedgallery, Phpnuke 2 Gallery, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-4785 1 E107 2 Alternate Profiles Plugin, E107 2026-04-23 N/A
SQL injection vulnerability in newuser.php in the alternate_profiles plugin, possibly 0.2, for e107 allows remote attackers to execute arbitrary SQL commands via the id parameter.