Search Results (19725 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-7169 2 Jabode, Joomla 2 Com Jabode, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVE-2008-5051 2 Jooblog, Joomla 2 Jooblog, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
CVE-2008-6728 1 Phpnuke 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
CVE-2008-5923 1 Asp-dev 1 Xm Events Diary 2026-04-23 N/A
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter.
CVE-2008-1626 1 Eggblog 1 Eggblog 2026-04-23 N/A
SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. NOTE: this might overlap CVE-2008-0159.
CVE-2008-2914 1 Preprojects 1 Php Jobwebsite Pro 2026-04-23 N/A
SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-1816 1 Mygamescript 1 My Game Script 2026-04-23 N/A
SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information.
CVE-2008-5222 1 Dvbbs 1 Dvbbs 2026-04-23 N/A
SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6233 1 Fivedollarscripts 1 Drinks 2026-04-23 N/A
SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter.
CVE-2008-6890 1 Codetoad 1 Asp Forum Script 2026-04-23 N/A
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
CVE-2009-4617 1 Tourismscripts 1 Tourism Script Accomodation Hotel Booking Portal Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.
CVE-2009-0672 1 Ravenphpscripts 1 Ravennuke 2026-04-23 N/A
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
CVE-2008-2909 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2008-6379 1 Mxmania 1 Gallery Mx 2026-04-23 N/A
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-6782 1 Scripts-for-sites 1 Ez Hosting Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6311 1 Butterflymedia 1 Butterfly Organizer 2026-04-23 N/A
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.
CVE-2008-6189 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
CVE-2009-1033 1 Deluxebb 1 Deluxebb 2026-04-23 N/A
SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.
CVE-2009-1032 1 Yabsoft 1 Advanced Image Hosting Script 2026-04-23 N/A
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2008-1149 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.