Export limit exceeded: 363336 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19679 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3765 1 Discountedscripts 1 Quick Poll Script 2026-04-23 N/A
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2692 1 Joomla 1 Com Yvcomment 2026-04-23 N/A
SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php.
CVE-2008-6233 1 Fivedollarscripts 1 Drinks 2026-04-23 N/A
SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter.
CVE-2009-4428 2 Joomla, Joomplace 2 Joomla, Com Joomportfolio 2026-04-23 N/A
SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php.
CVE-2007-5688 3 Invision Power Services, Phpbb, Sebflipper 3 Invision Power Board, Phpbb, Multi-forums Module 2026-04-23 N/A
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
CVE-2008-5637 1 Parsblogger 1 Parsblogger 2026-04-23 N/A
SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter.
CVE-2009-3498 1 Hbcms 1 Hbcms 2026-04-23 N/A
SQL injection vulnerability in php/update_article_hits.php in HBcms 1.7 allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
CVE-2008-5605 1 Aspapps 1 Aspportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp.
CVE-2008-0507 1 Wordpress 1 Adserve 2026-04-23 N/A
SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5074 1 Php-fusion 2 Freshlinks Module, Php-fusion 2026-04-23 N/A
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-3719 1 Scripts-for-sites 1 Affiliate Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action.
CVE-2009-3715 1 Maniacomputer 1 Mcshoutbox 2026-04-23 N/A
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2009-0339 1 Dmxready 1 Blog Manager 2026-04-23 N/A
SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action.
CVE-2007-5630 1 Bbsprocess 1 Bbportals 2026-04-23 N/A
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action.
CVE-2008-5804 1 E-topbiz 1 Number Links 1 Php Script 2026-04-23 N/A
SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
CVE-2008-3185 1 Vclcomponents 1 Relative Real Estate Systems 2026-04-23 N/A
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
CVE-2008-0649 1 Adp 1 Astanda Directory Project 2026-04-23 N/A
SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
CVE-2008-4904 1 Typosphere 1 Typo 2026-04-23 N/A
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter.
CVE-2008-0650 1 Simple Os Cms 1 Simple Os Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5678 1 Phpbasic 1 Phpbasic 2026-04-23 N/A
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI.