Search Results (19792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6091 1 Bmforum 1 Bmforum 2026-04-23 N/A
SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter.
CVE-2009-3316 2 Jforjoomla, Joomla 2 Com Jreservation, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
CVE-2009-2179 1 W2b 1 Phpdatingclub 2026-04-23 N/A
SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter.
CVE-2007-6556 1 Websihirbazi 1 Websihirbazi 2026-04-23 N/A
Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.
CVE-2007-6559 1 Logaholic 1 Logaholic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.
CVE-2009-3315 1 Nelogic 1 Nephp Publisher 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field.
CVE-2009-3314 1 Eliteladders 1 Elite Gaming Ladders 2026-04-23 N/A
SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter.
CVE-2007-6576 1 Adultscript 1 Adultscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
CVE-2009-3313 1 Fmyclone 1 Fmyclone 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php.
CVE-2007-6577 1 Zsuite 1 Zblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.
CVE-2007-6578 1 Zeak.net 1 Php Zlink 2026-04-23 N/A
SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-3310 1 Shalwan 1 Zainu 2026-04-23 N/A
SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the album_id parameter in an AlbumSongs action.
CVE-2009-4600 1 Netartmedia 1 Media Real Estate Portal 2026-04-23 N/A
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information.
CVE-2009-4599 2 Joomla, Joomshark 2 Joomla, Com Jsjobs 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php.
CVE-2009-4598 2 Corephp, Joomla 2 Com Jphoto, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php.
CVE-2009-4595 1 Phpwares 1 Php Inventory 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6583 1 1024 Cms 1 1024 Cms 2026-04-23 N/A
SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.
CVE-2007-6587 1 Plogger 1 Plogger 2026-04-23 N/A
SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4430 1 Virtuemart 1 Virtuemart 2026-04-23 N/A
SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a shop.product_details shop.flypage action.
CVE-2008-6101 1 Ezonescripts 1 Adult Banner Exchange Website 2026-04-23 N/A
SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter.