Search Results (19719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6234 2 Joomla, Mambo-foundation 4 Com Musica, Joomla, Com Musica and 1 more 2026-04-23 N/A
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-3772 1 Pars4u 1 Videosharing 2026-04-23 N/A
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-5788 1 Domainsellerpro 1 Domain Seller Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5781 1 Cfagcms 1 Cfagcms 2026-04-23 N/A
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2008-5772 1 Aspsiteware 1 Realtylistings 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.
CVE-2008-5766 1 Fascript 1 Faupload 2026-04-23 N/A
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5751 1 Alstrasoft 1 Web Email Script Enterprise 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.
CVE-2008-3774 1 Simasy 1 Simasy Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6242 1 Scripts-for-sites 1 Ez E-store 2026-04-23 N/A
SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote attackers to execute arbitrary SQL commands via the where parameter.
CVE-2008-6249 1 Gwm 1 Galatolo Webmanager 2026-04-23 N/A
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3780 1 Review-script 1 Five Star Review Script 2026-04-23 N/A
SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2009-0420 2 Joomla, Rd-media 2 Joomla, Rd-autos 2026-04-23 N/A
SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-6254 1 Jadu 1 Jadu Galaxies 2026-04-23 N/A
SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter.
CVE-2008-6258 1 Quadcomm 1 Q-shop 2026-04-23 N/A
SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.
CVE-2008-3783 1 Matterdaddy 1 Matterdaddy Market 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters.
CVE-2008-3784 2 Btitracker Project, Xbtitracker Project 2 Btitracker, Xbtitracker 2026-04-23 N/A
SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
CVE-2008-3785 1 Miacms 1 Miacms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php.
CVE-2008-5733 1 Php-fusion 2 Php-fusion, Team Impact Ti Blog System Module 2026-04-23 N/A
SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3787 1 Nullscripts 1 Web Directory Script 2026-04-23 N/A
SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-3788 1 Picturespro 1 Picturespro Photo Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.