Export limit exceeded: 347063 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45639 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2416 | 1 Fichive | 1 Fichive | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. | ||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-6217 | 1 Irola | 1 My-time | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4525 | 1 Ampjuke | 1 Ampjuke | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remote attackers to execute arbitrary SQL commands via the special parameter in a performerid action. | ||||
| CVE-2008-4732 | 2 Pressography, Wordpress | 2 Wp Comment Remix Plugin, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2009-1842 | 1 Phpnuke | 1 Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | ||||
| CVE-2009-1843 | 1 Glenn Mcgurrin | 1 Flash Quiz | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question.php; and the (2) order_number parameter to (g) answers.php and (h) question.php. | ||||
| CVE-2007-4173 | 1 Hunkaray Okul | 1 Portaly | 2026-04-23 | N/A |
| SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. | ||||
| CVE-2007-6311 | 1 Falt4 Cms | 1 Falt4 Extreme Rc4 | 2026-04-23 | N/A |
| SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter. | ||||
| CVE-2008-5813 | 1 Spip | 1 Spip | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6318 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character. | ||||
| CVE-2007-6498 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) email and (2) loginname parameters to Hosting/Addreseller.asp, (3) the sortfield parameter to accounts/accountmanager.asp, (4) the GateWayID parameter to OpenApi/GatewayVariables.asp, and possibly (5) unspecified vectors to IIS/iibind.asp. | ||||
| CVE-2008-2671 | 1 Dcfm Blog | 1 Dcfm Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1023 | 1 Phpcomasy | 1 Phpcomasy | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | ||||
| CVE-2008-6970 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-23 | N/A |
| SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. | ||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | ||||
| CVE-2007-6556 | 1 Websihirbazi | 1 Websihirbazi | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp. | ||||
| CVE-2007-6565 | 1 Blakord | 1 Blakord Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component. | ||||
| CVE-2007-6576 | 1 Adultscript | 1 Adultscript | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php. | ||||
| CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | ||||