Search Results (19783 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6692 2 Fr.simon Rundell, Typo3 2 Pd Trainingcourses, Typo3 2026-04-23 N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6693 2 Sebastian Baumann, Typo3 2 Sb Downloader, Typo3 2026-04-23 N/A
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-1263 2 Alikonweb, Joomla 2 Com Bookjoomlas, Joomla 2026-04-23 N/A
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
CVE-2009-1256 1 Flexcms 1 Flexcms 2026-04-23 N/A
SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6720 1 Deltascripts 1 Php Links 2026-04-23 N/A
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field).
CVE-2009-4591 1 Secureideas 1 Base 2026-04-23 N/A
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6728 1 Phpnuke 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
CVE-2009-1655 1 Easy-scripts 1 Answer And Question Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
CVE-2008-6632 1 Mercuryboard 1 Mercuryboard 2026-04-23 N/A
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
CVE-2008-2793 1 Clip-share 1 Clipshare 2026-04-23 N/A
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2009-1657 1 B2evolution 2 B2evolution, Starrating Plugin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2067 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable.
CVE-2009-4576 2 Cmstactics, Joomla 2 Com Beeheard, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
CVE-2009-1658 1 Realtywebware 1 Realty Web-base 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/admin.php in Realty Webware Technologies Realty Web-Base 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user (username) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-6865 2 Php-nuke, Phpnuke 2 Sections Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
CVE-2008-6866 1 Php-nuke 1 Current Issue Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
CVE-2008-6907 1 2532gigs 1 2532gigs 2026-04-23 N/A
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php.
CVE-2008-6622 1 Webbdomian 1 Post Card 2026-04-23 N/A
SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2009-0604 1 Php Director 1 Php Director 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the searching parameter.
CVE-2009-4574 1 I-escorts 1 I-escorts Directory Script 2026-04-23 N/A
SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.