Search Results (19663 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5607 2 Joomitaly, Joomla 2 Jmovies, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-4524 1 Adaptcms 1 Adaptcms 2026-04-23 N/A
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2009-1848 2 Joomla, Joomlame 2 Joomla, Com Agoragroup 2026-04-23 N/A
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.
CVE-2008-5609 1 Typo3 2 Commerce Extension, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4570 1 Real-estate-scripts 1 Real-estate-scripts 2026-04-23 N/A
SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-4573 1 Aspindir 1 Munzursoft Web Portal W3 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2008-4574 1 Aspindir 1 Ayco Okul Portali 2026-04-23 N/A
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-4590 1 Stash 1 Stash 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php.
CVE-2008-2492 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
CVE-2008-4599 1 Mosaic Commerce 1 Mosaic Commerce 2026-04-23 N/A
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-4603 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-4604 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2008-4605 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
CVE-2008-4606 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
CVE-2008-4611 1 Php Arsivimiz 1 Php Ziyaretci Defteri 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-4613 1 Portalapp 1 Portalapp 2026-04-23 N/A
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-4627 2 Rgallery, Woltlab 2 Rgallery Plugin, Woltlab Burning Board 2026-04-23 N/A
SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php.
CVE-2008-4628 1 Mywebland 1 Minibloggie 2026-04-23 N/A
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
CVE-2008-5652 1 Myiosoft 1 Easybookmarker 2026-04-23 N/A
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4633 1 Drupal 2 Drupal, Node Clone 2026-04-23 N/A
SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote."