Search Results (19710 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3133 1 Barenuked 1 Barenuked Cms 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-5782 1 Zeeways 1 Zeematri 2026-04-23 N/A
SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2007-6143 1 Vu 1 Case Manager 2026-04-23 N/A
SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-2837 1 Cms.brdconcept 1 Cms-brd 2026-04-23 N/A
SQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter.
CVE-2008-5777 1 Cadenix 1 Cadenix 2026-04-23 N/A
SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3118 1 Phpmotion 1 Phpmotion 2026-04-23 N/A
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
CVE-2008-0735 1 Auracms 1 Auracms 2026-04-23 N/A
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
CVE-2008-5775 1 Apertoblog 1 Apertoblog 2026-04-23 N/A
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0734 1 Limbo Cms 1 Limbo Cms 2026-04-23 N/A
SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php.
CVE-2008-5779 1 Flds Script 1 Flds 2026-04-23 N/A
SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5772 1 Aspsiteware 1 Realtylistings 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.
CVE-2008-5785 1 V3chat 1 V3 Chat Profiles Dating Script 2026-04-23 N/A
SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
CVE-2008-2535 1 Fkrauthan 1 Phoenix View Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/.
CVE-2008-5767 1 Gazatem 1 Gnews Publisher 2026-04-23 N/A
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
CVE-2008-3089 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2009-3321 1 Saphplesson 1 Saphplesson 2026-04-23 N/A
SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header.
CVE-2007-6269 1 Xigla 1 Absolute News Manager.net 2026-04-23 N/A
Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.
CVE-2007-6140 1 Dora Emlak 1 Dora Emlak 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) emlak_detay.asp and (b) haber_detay.asp, the (2) kategori parameter to (c) kategorisirala.asp, and the (3) tip parameter to (d) tipsirala.asp.
CVE-2007-6266 1 Bcoos 1 Bcoos 2026-04-23 N/A
Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104.
CVE-2007-5151 1 Nukescripts 1 Nukesentinel 2026-04-23 N/A
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie.