Search Results (19663 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3122 1 Xerox 1 Centreware Web 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
CVE-2008-3123 1 Mole Group 1 Real Estate Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
CVE-2008-3355 1 Camera Life 1 Camera Life 2026-04-23 N/A
SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
CVE-2008-3124 1 Mole Group 1 Hotel Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter.
CVE-2008-6798 1 Preprojects 1 Pre Real Estate Listings 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).
CVE-2007-4966 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter.
CVE-2009-2164 1 Kjtechforce 1 Mailman 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php.
CVE-2008-4620 1 Mrbs 1 Mrbs 2026-04-23 N/A
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
CVE-2008-4642 1 Astrospaces 1 Astrospaces 2026-04-23 N/A
SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.
CVE-2009-4084 1 E107 1 E107 2026-04-23 N/A
SQL injection vulnerability in the search feature in e107 0.7.16 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-2148 1 Campusvirtualcomputrade 1 Campus Virtual-lms 2026-04-23 N/A
SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2144 3 Edgewall, Firestats, Wordpress 3 Firestats, Firestats, Wordpress 2026-04-23 N/A
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3495 1 Aspindir 1 Pcshey Portal 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
CVE-2009-2142 1 Zipstore 1 Zip Store Chat 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store Chat 4.0 and 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) login and (2) senha parameters.
CVE-2009-2120 1 Tekbase 1 Tekbase All-in-one 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access.
CVE-2008-4655 1 Typo3 2 Simplesurvey, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4656 1 Typo3 2 Frontend Users View, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4674 1 Conkurent 1 Real Estate 2026-04-23 N/A
SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode.
CVE-2009-4070 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-2098 1 Micheal Glazer 1 Phportal 2026-04-23 N/A
SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.