Export limit exceeded: 19567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19567 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0908 1 Schoolwires 1 Academic Portal 2026-04-23 N/A
SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to execute arbitrary SQL commands via the c parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0911 1 Iscripts 1 Multicart 2026-04-23 N/A
SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.
CVE-2007-6168 1 Vu 1 Case Manager 2026-04-23 N/A
SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0920 1 Open Source Security Information Management 1 Os-sim 2026-04-23 N/A
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.
CVE-2008-4154 1 Living-e 1 Webedition Cms 2026-04-23 N/A
SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter.
CVE-2008-0939 1 Wordpress 1 Photo Album Plugin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information.
CVE-2008-4156 1 Customcms 1 Gaming Portal 2026-04-23 N/A
SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6250 1 Comdev 1 Comdev Web Blogger 2026-04-23 N/A
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
CVE-2007-6169 1 Gouae 1 Dwd Realty 2026-04-23 N/A
SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0942 1 Aeries 1 Aeries Student Information System 2026-04-23 N/A
SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter.
CVE-2008-4157 1 Vastal 1 Phpvid 2026-04-23 N/A
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
CVE-2008-4159 1 Zanfi Solutions 2 Jaw Portal, Zanfi Cms Lite 2026-04-23 N/A
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.
CVE-2008-4650 1 Mywebland 1 Myevent 2026-04-23 N/A
SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter.
CVE-2008-4643 1 Mywebland 1 Mystats 2026-04-23 N/A
SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2007-6172 1 Wire Plastic Design 1 Wpquiz 2026-04-23 N/A
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
CVE-2008-4169 1 Iscripts 1 Easyindex 2026-04-23 N/A
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
CVE-2008-4173 1 Proarcadescript 1 Proarcadescript 2026-04-23 N/A
SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI.
CVE-2008-3673 1 Pozscripts 1 Classified Ads 2026-04-23 N/A
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
CVE-2008-4175 1 Linkbidscript 1 Linkbidscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
CVE-2008-4176 1 Asp Indir 1 Fot Video Scripti 2026-04-23 N/A
SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter.