Export limit exceeded: 29900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18786 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18786 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | ||||
| CVE-2006-6048 | 1 Etomite | 1 Etomite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2619 | 1 Datachecknh | 1 V-spacepal | 2026-04-23 | N/A |
| SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1508 | 1 Keir Davis | 1 X-forum | 2026-04-23 | N/A |
| SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php. | ||||
| CVE-2008-3374 | 1 Gregarius | 1 Gregarius | 2026-04-23 | N/A |
| SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action. | ||||
| CVE-2008-6418 | 1 Torrenttrader | 1 Torrenttrader | 2026-04-23 | N/A |
| SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | ||||
| CVE-2007-4920 | 1 Php Webquest | 1 Php Webquest | 2026-04-23 | N/A |
| SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter. | ||||
| CVE-2007-6127 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php. | ||||
| CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2026-04-23 | N/A |
| SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | ||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | ||||
| CVE-2009-1245 | 1 Cccp-common-clan-portal-pasterbin | 1 Cccp Pastebin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1177 | 1 Affiliate Market | 1 Affiliate Market | 2026-04-23 | N/A |
| SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-4574 | 1 I-escorts | 1 I-escorts Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | ||||
| CVE-2009-1282 | 1 Glfusion | 1 Glfusion | 2026-04-23 | N/A |
| SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | ||||
| CVE-2008-2096 | 1 Backlinkspider | 1 Backlink Spider | 2026-04-23 | N/A |
| SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php. | ||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | ||||
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | ||||
| CVE-2009-4380 | 1 Valarsoft | 1 Webmatic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925. | ||||
| CVE-2008-1314 | 2 Johannes Hass, Phpnuke | 2 Gaestebuch Module, Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php. | ||||
| CVE-2008-2190 | 1 Romedchim International Srl | 1 Online Rent Property Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected. | ||||