Search Results (19683 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1626 1 Eggblog 1 Eggblog 2026-04-23 N/A
SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. NOTE: this might overlap CVE-2008-0159.
CVE-2008-2916 1 Preprojects 1 Pre Ads Portal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php.
CVE-2008-2914 1 Preprojects 1 Php Jobwebsite Pro 2026-04-23 N/A
SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2909 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2008-2904 1 Phpmycart 1 Phpmycart 2026-04-23 N/A
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2893 1 Ajhyip 1 Aj Square Aj-hyip 2026-04-23 N/A
SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.
CVE-2008-2892 2 Feellove, Joomla 2 Exp Shop Component, Com Expshop 2026-04-23 N/A
SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.
CVE-2008-2816 1 O2php 1 Oxygen 2026-04-23 N/A
SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572.
CVE-2008-7226 2 Php-nuke, Phpnuke 2 Recipe Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
CVE-2008-2866 1 Caupo.net 1 Cauposhop Classic 2026-04-23 N/A
SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.
CVE-2008-2416 1 Fichive 1 Fichive 2026-04-23 N/A
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
CVE-2008-1915 1 Devworx 1 Blogworx 2026-04-23 N/A
SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2865 1 Kalptaru Infotech 1 Php Site Lock 2026-04-23 N/A
SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action.
CVE-2008-1909 1 Chadha Software Technologies 1 Phpkb Knowledge Base 2026-04-23 N/A
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-2394 1 Tagworx 1 Tagworx Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
CVE-2008-2384 3 Apache, Joey Schulze, Redhat 3 Http Server, Mod Auth Mysql, Enterprise Linux 2026-04-23 N/A
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
CVE-2008-7120 1 Mrcgiguy 1 Hot Links Sql-php 2026-04-23 N/A
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
CVE-2008-3388 1 Easy-script 1 Def Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php.
CVE-2008-2853 1 Easy Webstore 1 Easy Webstore 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter.
CVE-2008-1895 1 Carboncommunities 1 Carbon Communities 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action.