Export limit exceeded: 363358 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363358 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19690 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6163 1 Openx 1 Openx 2026-04-23 N/A
SQL injection vulnerability in www/delivery/ac.php in OpenX 2.6.1 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
CVE-2008-6145 1 Typo3 2 Typo3, Wec Discussion Forum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0832 2 Ausimods, Php-fusion 2 E-cart, Php-fusion 2026-04-23 N/A
SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the CA parameter.
CVE-2008-4303 1 Php-collab 1 Php-collab 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.
CVE-2009-3582 1 Sql-ledger 1 Sql-ledger 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation.
CVE-2010-0341 1 Typo3 2 Bb Simplejobs, Typo3 2026-04-23 N/A
SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6124 2 Debian, Moodle 2 Debian Linux, Moodle 2026-04-23 N/A
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.
CVE-2010-0342 1 Typo3 2 Job Reports, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-3590 1 Vspanel 1 Vs Panel 2026-04-23 N/A
SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter.
CVE-2009-0542 1 Proftpd Project 1 Proftpd 2026-04-23 N/A
SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.
CVE-2008-6120 1 Socialengine 1 Socialengine 2026-04-23 N/A
SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the comment_secure parameter.
CVE-2008-6117 1 Pilotgroup 1 Pg Job Site Pro 2026-04-23 N/A
SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action.
CVE-2008-2492 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
CVE-2009-3595 1 Vspanel 1 Vs Panel 2026-04-23 N/A
SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590.
CVE-2008-2498 1 Mambo-foundation 1 Mambo 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-4328 1 Easyrealtorpro 1 Easyrealtorpro 2026-04-23 N/A
SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-4335 1 Atomic Photo Album 1 Atomic Photo Album 2026-04-23 N/A
SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter.
CVE-2008-6783 1 Scripts-for-sites 1 Ez Home Business Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2009-0768 1 Yapbb 1 Yapbb 2026-04-23 N/A
SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action.