Export limit exceeded: 18816 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18816 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3973 | 1 Turnkeyarcade | 1 Turnkey Arcade Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629. | ||||
| CVE-2008-2995 | 1 Phpeasydata | 1 Phpeasydata | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php. | ||||
| CVE-2008-2860 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | ||||
| CVE-2008-4338 | 1 Vacilanda | 1 Brilliant Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in the brilliant_gallery_checklist_save function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliant_gallery" permissions to execute arbitrary SQL commands via the (1) nid, (2) qid, (3) state, and possibly (4) user parameters. | ||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2026-04-23 | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0409 | 1 Mzbservices | 1 Max.blog | 2026-04-23 | N/A |
| SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-4303 | 1 Php-collab | 1 Php-collab | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors. | ||||
| CVE-2009-3337 | 1 S9y | 1 Serendipity Event Freetag | 2026-04-23 | N/A |
| SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | ||||
| CVE-2008-5950 | 1 Aspapps | 1 Template Creature | 2026-04-23 | N/A |
| SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter. | ||||
| CVE-2009-3148 | 1 Portalxp | 1 Portalxp | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php. | ||||
| CVE-2009-3082 | 1 Snowhall | 1 Silurus System | 2026-04-23 | N/A |
| SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1220 | 1 Phpnuke | 1 4nchat | 2026-04-23 | N/A |
| SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6911 | 1 Brewblogger | 1 Brewblogger | 2026-04-23 | N/A |
| SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2598 | 1 Onlinegrades | 1 Online Grades | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php. | ||||
| CVE-2008-5652 | 1 Myiosoft | 1 Easybookmarker | 2026-04-23 | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6094 | 1 Dotnetindex | 1 Active News Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp. | ||||
| CVE-2008-5651 | 1 Myiosoft | 1 Easybookmarker | 2026-04-23 | N/A |
| SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter. | ||||
| CVE-2008-2858 | 1 Webchamado | 1 Webchamado | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2026-04-23 | N/A |
| SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | ||||
| CVE-2008-6527 | 1 Go4i | 1 Go41.net Asp Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the iFor parameter. | ||||