Export limit exceeded: 364946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19794 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0252 | 1 Enthrallweb | 1 Ereservations | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0339 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action. | ||||
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | ||||
| CVE-2009-0333 | 1 Joomla | 2 Com Waticketsystem, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php. | ||||
| CVE-2009-0332 | 1 Avbooklibrary | 1 Avbooklibrary | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components. | ||||
| CVE-2009-0329 | 1 Joomla | 2 Com Pccookbook, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | ||||
| CVE-2009-0324 | 1 Bibciter | 1 Bibciter | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php. | ||||
| CVE-2007-3119 | 1 Kartli Alisveris Sistemi | 1 Kartli Alisveris Sistemi | 2026-04-23 | N/A |
| SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2009-0121 | 1 Goople Cms | 1 Goople Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0106 | 1 Phpauctions | 1 Phpauctions | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | ||||
| CVE-2009-0750 | 2 Tombstone, Txtsql | 2 Smnews, Txtsql | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-3030 | 1 Efes Tech Shop | 1 Efes Tech Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action. | ||||
| CVE-2009-1409 | 1 E107 | 1 E107 | 2026-04-23 | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320. | ||||
| CVE-2007-6665 | 1 Netchemia | 1 Oneschool | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to execute arbitrary SQL commands via the txtLoginID parameter. | ||||
| CVE-2007-6670 | 1 Phpcredo | 1 Phcdownload | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter. | ||||
| CVE-2007-6719 | 1 Inspector It | 1 Wiz-ad | 2026-04-23 | N/A |
| SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6727 | 1 Max Kervin | 1 Kervinet Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2008-0026 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages. | ||||
| CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | ||||