Export limit exceeded: 361694 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361694 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19567 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5213 | 1 Aj Square | 1 Aj Article | 2026-04-23 | N/A |
| SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action. | ||||
| CVE-2007-5452 | 1 Php-stats | 1 Php-stats | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter. | ||||
| CVE-2007-5458 | 1 Alorys-hebergement | 2 Kwsphp, Newsletter Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter. | ||||
| CVE-2007-5508 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. NOTE: remote unauthenticated attack vectors exist when CTXSYS is used with oracle Application Server. | ||||
| CVE-2008-0491 | 1 Fgallery Project | 1 Fgallery | 2026-04-23 | N/A |
| SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter. | ||||
| CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2008-0515 | 2 Joomla, Mambo | 2 Musepoes Component, Musepoes Component | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | ||||
| CVE-2008-0517 | 3 Darko Selesi, Joomla, Mambo | 3 Estateagent, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. | ||||
| CVE-2008-0519 | 2 Joomla, Mambo | 2 Com Jokes, Com Jokes | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action. | ||||
| CVE-2008-7114 | 1 Ifusionservices | 1 Ifdate | 2026-04-23 | N/A |
| SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field. | ||||
| CVE-2008-6330 | 1 Jaia Interactive | 1 Mytopix | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action. | ||||
| CVE-2008-6328 | 1 Butterflymedia | 1 Butterfly Organizer | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-1889 | 1 Xplodphp | 1 Autotutorials | 2026-04-23 | N/A |
| SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0561 | 3 Arthur Konze Webdesign, Joomla, Mambo | 3 Akogallery, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-0565 | 1 Deltascripts | 1 Php Links | 2026-04-23 | N/A |
| SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6324 | 1 Cfmsource | 1 Cf Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||||
| CVE-2008-5337 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2026-04-23 | N/A |
| SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4082 | 1 Brim-project | 1 Brim | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php. | ||||
| CVE-2008-0681 | 1 Phpshop | 1 Phpshop | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. | ||||