Search Results (19792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1982 1 Wordpress 2 Wordpress, Wpss 2026-04-23 N/A
SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
CVE-2006-7116 1 Kubix 1 Kubix 2026-04-23 N/A
SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php.
CVE-2008-0490 1 Wordpress 1 Wp Cal Plugin 2026-04-23 N/A
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0491 1 Fgallery Project 1 Fgallery 2026-04-23 N/A
SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2008-1843 1 W2b 1 Dating Club 2026-04-23 N/A
SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action.
CVE-2008-0256 1 Matteo Binda 1 Asp Photo Gallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.
CVE-2007-5261 1 Iscripts 1 Multicart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
CVE-2008-0262 1 Agares Media 1 Phpautovideo 2026-04-23 N/A
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
CVE-2008-0286 1 Article Dashboard 1 Article Dashboard 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields.
CVE-2008-0291 1 Hangzhou Rui-qiang 1 Richstrong Cms 2026-04-23 N/A
SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-0920 1 Open Source Security Information Management 1 Os-sim 2026-04-23 N/A
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.
CVE-2006-5829 1 Aiocp 1 Aiocp 2026-04-23 N/A
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) choosed_language parameter to (a) cp_dpage.php, (b) cp_news.php, (c) cp_forum_view.php, (d) cp_edit_user.php, (e) cp_newsletter.php, (f) cp_links.php, (g) cp_contact_us.php, (h) cp_login.php, and (i) cp_codice_fiscale.php in public/code/; (2) news_category parameter to public/code/cp_news.php; (3) nlmsg_nlcatid parameter to public/code/cp_newsletter.php; (4) links_category parameter to public/code/cp_links.php; (5) product_category_id parameter to public/code/cp_show_ec_products.php; (6) order_field parameter to public/code/cp_show_ec_products.php; (7) firstrow parameter to public/code/cp_users_online.php; and (8) orderdir parameter to public/code/cp_links_search.php.
CVE-2009-3501 1 Bpowerhouse 1 Bpstudents 2026-04-23 N/A
SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action.
CVE-2009-3434 3 Joomla, Mambo, Onestopjoomla 3 Joomla, Mambo, Com Tupinambis 2026-04-23 N/A
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
CVE-2009-3361 1 Paul Gibbs 1 Php-ipnmonitor 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter.
CVE-2009-3326 1 Cmscontrol 1 Cmscontrol 2026-04-23 N/A
SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the id_menu parameter.
CVE-2009-3308 1 Fanupdate 1 Fanupdate 2026-04-23 N/A
SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
CVE-2007-0695 1 Free Lan Intra Internet Portal 1 Free Lan Intra Internet Portal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions.
CVE-2009-2891 1 Phpscriptsnow 1 Riddles 2026-04-23 N/A
SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2009-2885 1 Phpscriptsnow 1 World\'s Tallest Buildings 2026-04-23 N/A
SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter.