Search Results (19663 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1961 1 Php Resource 1 Voice Of Web Allmyguests 2026-04-23 N/A
SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action.
CVE-2008-0832 2 Joomla, Mambo 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran 2026-04-23 N/A
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.
CVE-2007-5887 1 Infuseum 1 Asp Message Board 2026-04-23 N/A
SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0844 1 Joomla 1 Com Pccookbook 2026-04-23 N/A
SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
CVE-2008-0845 1 Wordpress 1 Dean Logan Wp-people Plugin 2026-04-23 N/A
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
CVE-2008-0856 1 E-vision 1 E-vision Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1871 1 Scriptsagent 1 Links Directory 2026-04-23 N/A
SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-1872 1 Comdev 1 Comdev News Publisher 2026-04-23 N/A
SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-3497 1 Myphp Cms 1 Myphp Cms 2026-04-23 N/A
SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2008-7097 1 Qsoft-inc 1 K-rate 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/functions.php, and (4) unspecified variables in modules/chat.php, as demonstrated via the (a) show parameter in an online action to index.php; (b) PATH_INTO to the room/ handler; (c) image and (d) id parameters in a vote action to index.php; (e) PATH_INFO to the blog/ handler; and (f) id parameter in a blog_edit action to index.php.
CVE-2008-2286 1 Symantec 1 Altiris Deployment Solution 2026-04-23 N/A
SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.
CVE-2008-2301 1 Phpway 1 Kostenloses Linkmanagementscript 2026-04-23 N/A
SQL injection vulnerability in Kostenloses Linkmanagementscript allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) top_view.php.
CVE-2008-5166 1 Easysitenetwork 1 Riddles Website 2026-04-23 N/A
SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter.
CVE-2008-5174 1 Easysitenetwork 1 Jokes Complete Website 2026-04-23 N/A
SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter.
CVE-2009-0407 1 Humayun Shabbir 1 Php-cms Project 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-1336 1 Koobi 1 Koobi Cms 2026-04-23 N/A
SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122.
CVE-2009-0409 1 Mzbservices 1 Max.blog 2026-04-23 N/A
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-2685 1 Battleblog 1 Battleblog 2026-04-23 N/A
SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626.
CVE-2008-2688 1 Pilotcart 1 Pilot Cart 2026-04-23 N/A
SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action.
CVE-2008-7208 1 Insane Visions 1 Onecms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.