Export limit exceeded: 19525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2026-04-23 | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | ||||
| CVE-2008-5321 | 2 Xoops, Xoops Hocasi | 2 Xoops, Gesgaleri | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter. | ||||
| CVE-2008-6808 | 1 Scripts-for-sites | 1 Ez Link Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-5800 | 1 Typo3 | 2 Fsmi People, Wir Ber Uns Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2026-04-23 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2008-0650 | 1 Simple Os Cms | 1 Simple Os Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6573 | 1 Avaya | 1 Communication Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request to the SIP server. | ||||
| CVE-2008-3417 | 1 Fipsasp | 1 Fipscms Light | 2026-04-23 | N/A |
| SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561. | ||||
| CVE-2009-2593 | 1 Censura | 1 Censura | 2026-04-23 | N/A |
| SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action. | ||||
| CVE-2006-6912 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-23 | N/A |
| SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter. | ||||
| CVE-2009-4625 | 2 Joomla, Tamlyncreative | 2 Joomla\!, Com Bfsurvey Profree | 2026-04-23 | N/A |
| SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php. | ||||
| CVE-2009-4620 | 2 Joomla, Joomloc | 2 Joomla\!, Com Joomloc | 2026-04-23 | N/A |
| SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php. | ||||
| CVE-2008-2999 | 1 Drupal | 2 Aggregation Module, Drupal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-0381 | 2 Bazaarbuilder, Joomla | 2 Ecommerce Shopping Cart, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php. | ||||
| CVE-2008-3136 | 1 Ashopsoftware | 1 Ashop Deluxe | 2026-04-23 | N/A |
| SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-4091 | 1 Source Workshop | 1 Web Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Web Directory Script 1.5.3 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action. | ||||
| CVE-2008-6349 | 1 Turnkeyforms | 1 Business Survey Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3452 | 1 Endonesia | 2 Calendar Module, Endonesia | 2026-04-23 | N/A |
| SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php. | ||||
| CVE-2008-5637 | 1 Parsblogger | 1 Parsblogger | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | ||||
| CVE-2008-6003 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter. | ||||