Export limit exceeded: 18784 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18784 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6565 | 1 Blakord | 1 Blakord Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component. | ||||
| CVE-2008-0262 | 1 Agares Media | 1 Phpautovideo | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter. | ||||
| CVE-2008-5654 | 1 Myiosoft | 1 Easycalendar | 2026-04-23 | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0142 | 1 Webportal | 1 Webportal Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. | ||||
| CVE-2008-5946 | 1 Php-fusion | 1 Php-fusion | 2026-04-23 | N/A |
| SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-3359 | 1 Owl | 1 Intranet Knowledgebase | 2026-04-23 | N/A |
| SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1584 | 1 R020 | 1 Tematres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php. | ||||
| CVE-2008-6324 | 1 Cfmsource | 1 Cf Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||||
| CVE-2007-5490 | 1 Okulumunsitesi | 1 Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0707 | 1 Powerscripts | 1 Powerclan | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6911 | 1 Brewblogger | 1 Brewblogger | 2026-04-23 | N/A |
| SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5974 | 1 Jportal | 1 Jportal Web Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | ||||
| CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3341 | 1 Jobbex | 1 Jobsite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2603 | 1 E-supportportal | 1 Escon Supportportal Pro | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Escon SupportPortal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) tid parameters. | ||||
| CVE-2006-7232 | 3 Canonical, Mysql, Redhat | 3 Ubuntu Linux, Mysql, Enterprise Linux | 2026-04-23 | N/A |
| sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. | ||||
| CVE-2008-2190 | 1 Romedchim International Srl | 1 Online Rent Property Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected. | ||||
| CVE-2009-3063 | 2 Indianpulses, Joomla | 2 Com Gameserver, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | ||||
| CVE-2007-2000 | 1 Raphael Limbach | 1 Crea-book | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter. | ||||
| CVE-2009-4540 | 1 Bpowerhouse | 1 Mini Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||