Export limit exceeded: 19651 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19651 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2026-04-16 | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2003-1532 | 1 Julien Desaunay | 1 Phpmyshop | 2026-04-16 | N/A |
| SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbitrary SQL commands via the (1) identifiant and (2) password parameters. | ||||
| CVE-2006-2301 | 1 Ozzywork | 1 Galeri | 2026-04-16 | N/A |
| SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password fields. | ||||
| CVE-2006-3904 | 1 Etomite | 1 Etomite | 2026-04-16 | N/A |
| SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2005-4246 | 1 Plogger | 1 Plogger | 2026-04-16 | N/A |
| SQL injection vulnerability in Plogger Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php and (2) page parameter. | ||||
| CVE-2005-3497 | 1 Phphandicapper | 1 Php Handicapper | 2026-04-16 | N/A |
| SQL injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to execute arbitrary SQL commands via the serviceid parameter. NOTE: on 20060210, the vendor disputed this issue, saying "this is 100% false reporting, this is a slander campaign from a customer who had a vulnerability in his SERVER not the software." However, followup investigation strongly suggests that the original report is correct | ||||
| CVE-2005-4058 | 1 Saralblog | 1 Saralblog | 2026-04-16 | N/A |
| SQL injection vulnerability in saralblog 1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to viewprofile.php. | ||||
| CVE-2006-2259 | 1 Maxxcode | 1 Maxxschedule | 2026-04-16 | N/A |
| SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter. | ||||
| CVE-2005-4244 | 1 Snipegallery | 1 Snipe Gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php. | ||||
| CVE-2006-3688 | 1 Francisco Charrua | 1 Photo-gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-2239 | 1 Tuomas Airaksinen | 1 Newsadmin | 2026-04-16 | N/A |
| SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2005-3996 | 1 Zen-cart | 1 Zen Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter. | ||||
| CVE-2006-4010 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: other vectors are covered by CVE-2006-3139. | ||||
| CVE-2005-3046 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field. | ||||
| CVE-2005-4199 | 1 Mybb | 1 Mybb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) before 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) month, (2) day, and (3) year parameters in an addevent action in calendar.php; (4) threadmode and (5) showcodebuttons in an options action in usercp.php; (6) list parameter in an editlists action to usercp.php; (7) rating parameter in a rate action in member.php; and (8) rating parameter in either showthread.php or ratethread.php. | ||||
| CVE-2005-4195 | 2 Internet Scout, Internet Scout Project | 2 Scout Portal Toolkit, Scout Portal Toolkit | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) 1.3.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the ParentId parameter in SPT--BrowseResources.php, (2) ResourceId parameter in SPT--FullRecord.php, (3) ResourceOffset parameter in SPT--Home.php, and (4) F_UserName and (5) F_Password in SPT--UserLogin.php. NOTE: it was later reported that vector 1 is also present in 1.4.0. | ||||
| CVE-2005-4040 | 1 Tawbaware | 1 Filelister | 2026-04-16 | N/A |
| SQL injection vulnerability in FileLister 0.51 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameters, possibly the searchwhat parameter to definesearch.jsp. | ||||
| CVE-2003-1340 | 1 Phpnuke | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | ||||
| CVE-2002-2277 | 1 Portail Web Php | 1 Portail Web Php | 2026-04-16 | N/A |
| SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. | ||||
| CVE-2006-0123 | 1 Adn Forum | 1 Adn Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors. | ||||