Export limit exceeded: 19719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4863 1 Quirm 1 Saxon 2026-04-23 N/A
SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter.
CVE-2007-4919 1 Jblog 1 Jblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php.
CVE-2007-4920 1 Php Webquest 1 Php Webquest 2026-04-23 N/A
SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter.
CVE-2007-5084 1 Broadcom 1 Brightstor Hierarchical Storage Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.
CVE-2007-5141 1 Sitex 1 Sitex Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2007-5150 1 Nukescripts 1 Nukesentinel 2026-04-23 N/A
SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125.
CVE-2007-5151 1 Nukescripts 1 Nukesentinel 2026-04-23 N/A
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie.
CVE-2007-5220 1 Asp Product Catalog 1 Asp Product Catalog 2026-04-23 N/A
SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter and possibly other parameters.
CVE-2007-5308 1 Php Homepage M 1 Php Homepage M 2026-04-23 N/A
SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2007-5452 1 Php-stats 1 Php-stats 2026-04-23 N/A
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
CVE-2007-5485 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2007-5719 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php.
CVE-2007-5912 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2007-5973 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2007-5974 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2007-5975 1 Torrentstrike 1 Torrentstrike 2026-04-23 N/A
SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-5999 1 Softbizscripts 1 Softbiz Auctions Script 2026-04-23 N/A
SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6004 1 Toko 1 Instan 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action.
CVE-2007-6032 1 Aleris 1 Web Publishing Server 2026-04-23 N/A
SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter.
CVE-2007-6035 1 Cacti 1 Cacti 2026-04-23 N/A
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.