Export limit exceeded: 19569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19569 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1548 | 1 Webwizguide | 1 Web Wiz Forums | 2026-04-23 | N/A |
| SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp. | ||||
| CVE-2009-4595 | 1 Phpwares | 1 Php Inventory | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6311 | 1 Falt4 Cms | 1 Falt4 Extreme Rc4 | 2026-04-23 | N/A |
| SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter. | ||||
| CVE-2008-3366 | 1 Pligg | 1 Pligg Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774. | ||||
| CVE-2007-6338 | 1 Trivantis | 1 Coursemill Enterprise Learning Management System | 2026-04-23 | N/A |
| SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6362 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action. | ||||
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0339 | 1 Typo3 | 2 Typo3, Vm19 Userlinks | 2026-04-23 | N/A |
| SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-6392 | 1 Dominion Web | 1 Dwdirectory | 2026-04-23 | N/A |
| SQL injection vulnerability in DWdirectory 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameter to the /search URI. | ||||
| CVE-2007-6393 | 1 Ace Image Hosting Script | 1 Ace Image Hosting Script | 2026-04-23 | N/A |
| SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated users to execute arbitrary SQL commands via the id parameter in editalbum mode. | ||||
| CVE-2010-0338 | 1 Typo3 | 2 Ttpedit, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-3918 | 1 Ovidentia | 1 Ovidentia | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2791 | 1 Kalptaru Infotech | 1 Comparison Engine Power Script | 2026-04-23 | N/A |
| SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2152 | 1 Isabela Gasparini | 1 Adaptweb | 2026-04-23 | N/A |
| SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action. | ||||
| CVE-2008-3369 | 1 Viart | 1 Viart Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-3370 | 1 Emc | 1 Centera Universal Access | 2026-04-23 | N/A |
| SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. | ||||
| CVE-2007-6462 | 1 Php Real Estate Classifieds | 1 Php Real Estate Classifieds Premium Plus | 2026-04-23 | N/A |
| SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6106 | 1 Alstrasoft | 1 E-friends | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action. | ||||
| CVE-2007-6517 | 1 Aeries | 1 Aeries Browser Interface | 2026-04-23 | N/A |
| SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6543 | 1 Esyndicat | 1 Esyndicat Link Exchange | 2026-04-23 | N/A |
| SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||