Export limit exceeded: 361816 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19569 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6157 1 Michaelis Freunde 1 Contentnow 2026-04-23 N/A
SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.
CVE-2009-4200 2 Joomla, Vollmar 2 Joomla\!, Com Seminar 2026-04-23 N/A
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
CVE-2008-2917 1 Preprojects 1 E-smart Cart 2026-04-23 N/A
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-2921 1 Eztechhelp Company 1 Ezcms 2026-04-23 N/A
SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-4877 1 Mywebcards 1 Webcards 2026-04-23 N/A
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4882 1 Yourfreeworld 1 Autoresponder Hosting Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4890 1 1st News 1 4 Professional 2026-04-23 N/A
SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2439 1 Web Development House 1 Alibaba Clone 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group.
CVE-2007-4716 1 Phd 1 Help Desk 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2989 1 Homap 1 Homap 2026-04-23 N/A
SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter.
CVE-2007-5131 1 Interspire 1 Activekb Nx 2026-04-23 N/A
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected.
CVE-2009-4456 1 Greendesktiny 1 Green Desktiny 2026-04-23 N/A
SQL injection vulnerability in news_detail.php in Green Desktiny 2.3.1, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3025 1 Plx Web Studio 1 Plx Ad Trader 2026-04-23 N/A
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
CVE-2009-4208 1 Open-school 1 Open-school 2026-04-23 N/A
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2008-3026 1 Oneclick Cms 1 Oneclick Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3030 1 Efes Tech Shop 1 Efes Tech Shop 2026-04-23 N/A
SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
CVE-2008-2669 1 Y-blog 1 Yblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php.
CVE-2007-1034 1 Php-nuke 1 Emporium Module 2026-04-23 N/A
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-3965 1 Mybb 1 Mybb 2026-04-23 N/A
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field.
CVE-2008-3952 1 Editeurscripts Esfaq 1 2.0 2026-04-23 N/A
SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the idcat parameter.