Export limit exceeded: 362225 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362225 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5632 1 Activewebsoftwares 1 Active Time Billing 2026-04-23 N/A
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5629 1 Turnkeyarcade 1 Turnkey Arcade Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action.
CVE-2008-5627 1 Activewebsoftwares 1 Active Trade 2026-04-23 N/A
SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.
CVE-2006-7170 1 Koan Software 1 Mega Mall 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php.
CVE-2007-5976 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
CVE-2007-5991 1 Exo 1 Exophpdesk 2026-04-23 N/A
SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action.
CVE-2007-5996 1 Softbizscripts 1 Link Directory Script 2026-04-23 N/A
SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449.
CVE-2007-5999 1 Softbizscripts 1 Softbiz Auctions Script 2026-04-23 N/A
SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5267 1 Experts 1 Experts 2026-04-23 N/A
SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter.
CVE-2008-3845 1 Craftysyntax 1 Crafty Syntax Live Help 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
CVE-2007-6084 1 Hotscripts 1 Clone Script 2026-04-23 N/A
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6634 1 Netbizcity 1 Faqmasterflexplus 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts.
CVE-2007-6078 1 Skyportal 1 Skyportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action.
CVE-2007-6080 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.
CVE-2007-6083 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2007-6138 1 Vu 1 Mass Mailer 2026-04-23 N/A
SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp (aka the Login Page). NOTE: some of these details are obtained from third party information.
CVE-2007-6269 1 Xigla 1 Absolute News Manager.net 2026-04-23 N/A
Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.
CVE-2007-6272 1 Joomla 1 Joomla 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component.
CVE-2007-6275 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266.
CVE-2007-6299 1 Drupal 1 Drupal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules.