Search Results (19728 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4846 1 Webace 1 Webace-linkscript 2026-04-23 N/A
SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik go action.
CVE-2009-2886 1 Phpscriptsnow 1 President Bios 2026-04-23 N/A
SQL injection vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to execute arbitrary SQL commands via the rank parameter.
CVE-2008-5486 1 Turnkeyforms 1 Text Link Sales 2026-04-23 N/A
SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2883 1 Arabless 1 Saphplesson 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php.
CVE-2008-3445 1 Phpmyrealty 1 Phpmyrealty 2026-04-23 N/A
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execute arbitrary SQL commands via the location parameter.
CVE-2008-3484 1 Estoreaff 1 Estoreaff 2026-04-23 N/A
SQL injection vulnerability in eStoreAff 0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action to index.php.
CVE-2008-3512 1 Php Nuke 1 Kleinanzeigen Module 2026-04-23 N/A
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
CVE-2008-5629 1 Turnkeyarcade 1 Turnkey Arcade Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action.
CVE-2008-1350 1 Fully Modded Phpbb 1 Fully Modded Phpbb 2026-04-23 N/A
SQL injection vulnerability in kb.php in Fully Modded phpBB (phpbbfm) 80220 allows remote attackers to execute arbitrary SQL commands via the k parameter in an article action.
CVE-2009-2774 1 Php-paid4mail 1 Php-paid4mail 2026-04-23 N/A
SQL injection vulnerability in paidbanner.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-0363 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php.
CVE-2008-1351 1 Xoops 1 Tutoriais Module 2026-04-23 N/A
SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
CVE-2008-3669 1 Zeescripts 1 Zeereviews 2026-04-23 N/A
SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2007-5016 1 Insane Visions 1 Onecms 2026-04-23 N/A
SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows remote attackers to execute arbitrary SQL commands via the abc parameter.
CVE-2008-0397 1 Aflog.org 1 Aflog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to comments.php and (2) an unspecified parameter to view.php.
CVE-2008-2113 1 Phpeasydata 1 Phpeasydata 2026-04-23 N/A
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-2114 1 Preprojects 1 Pre Shopping Mall 2026-04-23 N/A
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2009-2640 1 Interlogy 1 Profile Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in cgi/admin.cgi in Interlogy Profile Manager Basic allow remote attackers to execute arbitrary SQL commands via a pmadm cookie in (1) an edittemp action or (2) a users action.
CVE-2008-5628 1 Little Cms 1 Little Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter.
CVE-2008-0358 1 Pixelpost 1 Pixelpost 2026-04-23 N/A
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.