Search Results (19678 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6148 2 Joomla, Raven-worx 2 Joomla, Liveticker 2026-04-23 N/A
SQL injection vulnerability in the Live Ticker (com_liveticker) module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a viewticker action to index.php.
CVE-2008-2760 1 Xigla 1 Absolute Banner Manager 2026-04-23 N/A
SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.
CVE-2007-1026 1 Scriptdungeon 1 Xlatunes 2026-04-23 N/A
SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information.
CVE-2007-4368 1 Ibm 1 Rational Clearquest 2026-04-23 N/A
SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
CVE-2008-6040 1 Agares Media 1 Arcadem Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
CVE-2008-0424 1 Mooseguy Blog System 1 Mgbs 2026-04-23 N/A
SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) 1.0 allows remote attackers to execute arbitrary SQL commands via the month parameter.
CVE-2009-2782 2 Jfusion, Joomla 2 Com Jfusion, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2008-5191 1 Seportal 1 Seportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
CVE-2008-7049 1 Natterchat 1 Natterchat 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due to lack of details, it is not clear whether this is related to CVE-2004-2206.
CVE-2008-1346 1 Myiosoft 1 Easycalendar 2026-04-23 N/A
SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action.
CVE-2008-6246 1 Scripts-for-sites 1 Ez Webring 2026-04-23 N/A
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-6230 1 Preprojects 1 Pre Podcast Portal 2026-04-23 N/A
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-3217 1 Wiccle 1 Iwiccle 2026-04-23 N/A
SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php.
CVE-2008-6124 2 Debian, Moodle 2 Debian Linux, Moodle 2026-04-23 N/A
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.
CVE-2009-2777 1 Garagesalesjunkie 1 Garagesales Script 2026-04-23 N/A
SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2009-2885 1 Phpscriptsnow 1 World\'s Tallest Buildings 2026-04-23 N/A
SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter.
CVE-2008-4348 1 Outshine 1 Phportfolio 2026-04-23 N/A
SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2996 1 Gravityboardx 1 Gravity Board X 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.
CVE-2008-0873 1 Jlmzone 1 Classifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.
CVE-2008-5097 1 Myfwb 1 Myfwb 2026-04-23 N/A
SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.