Export limit exceeded: 361844 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2921 1 Eztechhelp Company 1 Ezcms 2026-04-23 N/A
SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-5000 1 Phpx 1 Phpx 2026-04-23 N/A
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
CVE-2008-6517 1 Nick Jenkin 1 Newshowler 2026-04-23 N/A
SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote attackers to execute arbitrary SQL commands via the news_user cookie parameter.
CVE-2008-6509 1 Igniterealtime 1 Openfire 2026-04-23 N/A
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
CVE-2008-4457 1 Memht 1 Memht Portal 2026-04-23 N/A
SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php.
CVE-2008-5037 1 Elkagroup 1 Image Gallery 2026-04-23 N/A
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-6489 2 Huseyin Bora Abaci, Joomla 2 Com Myalbum, Joomla 2026-04-23 N/A
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
CVE-2008-6484 1 Mole-group 1 Taxi Calc Dist Script 2026-04-23 N/A
SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field.
CVE-2008-3343 1 Myiosoft 1 Easypublish 2026-04-23 N/A
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action.
CVE-2009-4437 1 Activewebsoftwares 1 Active Auction House 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Active Auction House 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to wishlist.asp and the (2) linkid parameter to links.asp. NOTE: vector 1 might overlap CVE-2005-1029.1.
CVE-2007-4056 1 Adult Directory 1 Adult Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect.
CVE-2007-5951 1 E-vendejo 1 0.2 2026-04-23 N/A
SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3351 1 Atomphotoblog 1 Atomphotoblog 2026-04-23 N/A
SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action.
CVE-2007-6380 1 E-xoops 1 E-xoops 2026-04-23 N/A
Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections/ratefile.php, and (e) myalbum/ratephoto.php in modules/; the (2) bid parameter to (f) modules/banners/click.php; and the (3) gid parameter to (g) modules/arcade/index.php in a show_stats and play_game action, related issues to CVE-2007-5104 and CVE-2007-6266.
CVE-2008-4902 1 Scripts Frenzy 1 Article Publisher Pro 2026-04-23 N/A
SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.
CVE-2008-6378 1 Mxmania 1 Calendar Mx Professional 2026-04-23 N/A
SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-3386 1 Alstrasoft 1 Video Share Enterprise 2026-04-23 N/A
SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
CVE-2008-3387 1 Phpfootball 1 Phpfootball 2026-04-23 N/A
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter.
CVE-2008-5054 1 Develop It Easy 1 Membership System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-3403 1 Mojoscripts 1 Mojopersonals 2026-04-23 N/A
SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter.