Search Results (19648 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1162 1 Php Web Scripts 1 Dynamic Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter.
CVE-2008-1308 2 Phpnuke, Sudirman Angriawan 2 Php-nuke, Nukec30 2026-04-23 N/A
SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action to modules.php.
CVE-2008-1297 3 Ewriting, Joomla, Mambo 3 Ewriting, Com Ewriting, Com Ewriting 2026-04-23 N/A
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.
CVE-2008-1732 1 Predictionfootball 1 Predictionfootball 2026-04-23 N/A
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.
CVE-2009-1487 1 Rens Rikkerink 1 Fungamez 2026-04-23 N/A
SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote attackers to execute arbitrary SQL commands via the login_user (aka username) parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-0421 1 Invision Power Services 1 Invision Gallery 2026-04-23 N/A
SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in a rate command.
CVE-2008-2412 1 Acgv.free 1 Acgv News 2026-04-23 N/A
SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2417 1 How2asp 1 Webboard 2026-04-23 N/A
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.
CVE-2008-6443 1 Phpkf 1 Phpkf 2026-04-23 N/A
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
CVE-2007-6587 1 Plogger 1 Plogger 2026-04-23 N/A
SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1346 1 Myiosoft 1 Easycalendar 2026-04-23 N/A
SQL injection vulnerability in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action.
CVE-2008-1349 1 Exv2 2 Bamagalerie, Exv2 2026-04-23 N/A
SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-0427 1 Dmxready 1 Member Directory Manager 2026-04-23 N/A
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-6583 1 1024 Cms 1 1024 Cms 2026-04-23 N/A
SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.
CVE-2008-0424 1 Mooseguy Blog System 1 Mgbs 2026-04-23 N/A
SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) 1.0 allows remote attackers to execute arbitrary SQL commands via the month parameter.
CVE-2008-0383 1 Mybb 1 Mybb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.
CVE-2007-6578 1 Zeak.net 1 Php Zlink 2026-04-23 N/A
SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6577 1 Zsuite 1 Zblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.
CVE-2007-6576 1 Adultscript 1 Adultscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
CVE-2009-1224 1 Scivox 1 Vsp Stats Processor 2026-04-23 N/A
SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45 allows remote attackers to execute arbitrary SQL commands via the gameID parameter.