Search Results (19727 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6611 1 Abweb 1 Minimal Ablog 2026-04-23 N/A
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-6094 1 Dotnetindex 1 Active News Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp.
CVE-2009-0672 1 Ravenphpscripts 1 Ravennuke 2026-04-23 N/A
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
CVE-2008-7169 2 Jabode, Joomla 2 Com Jabode, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVE-2009-0702 2 Joomla, Phoca 2 Joomla, Com Phocadocumentation 2026-04-23 N/A
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
CVE-2009-0705 1 Powerscripts 1 Powernews 2026-04-23 N/A
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
CVE-2009-0706 3 Joomla, Mambo, Simple-review 3 Joomla, Mambo, Com Simple Review 2026-04-23 N/A
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVE-2008-1220 1 Phpnuke 1 4nchat 2026-04-23 N/A
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0882 1 Roman Bogorodskiy 1 Nforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
CVE-2009-0730 3 Gigcalendar, Joomla, Mambo 3 Com Gigcalendar, Joomla, Mambo 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726.
CVE-2009-0741 1 Craftsilicon 1 Banking\@home 2026-04-23 N/A
SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter.
CVE-2008-2872 1 Aspindir 1 Shibby Shop 2026-04-23 N/A
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-2869 1 E-topbiz 1 Link Ads 1 2026-04-23 N/A
SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
CVE-2008-2867 1 E-topbiz 1 Viral Dx 1 2026-04-23 N/A
SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
CVE-2009-1751 1 Realtywebware 1 Realty Web-base 2026-04-23 N/A
SQL injection vulnerability in list_list.php in Realty Webware Technologies Web-Base 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1747 1 26thavenue 1 Bspeak 2026-04-23 N/A
SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action.
CVE-2008-2697 2 Joomla, Rapid-source 2 Com Rapidrecipe, Rapid Recipe 2026-04-23 N/A
SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) component 1.6.6 and 1.6.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php.
CVE-2009-0431 1 Codefixer 1 Linkspro 2026-04-23 N/A
SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.
CVE-2009-1651 1 2daybiz 1 Business Community Script 2026-04-23 N/A
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2008-5751 1 Alstrasoft 1 Web Email Script Enterprise 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.