Export limit exceeded: 364946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19794 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0252 1 Enthrallweb 1 Ereservations 2026-04-23 N/A
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information.
CVE-2009-0339 1 Dmxready 1 Blog Manager 2026-04-23 N/A
SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action.
CVE-2009-0334 1 Katywhitton 1 Blogit\! 2026-04-23 N/A
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.
CVE-2009-0333 1 Joomla 2 Com Waticketsystem, Joomla 2026-04-23 N/A
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
CVE-2009-0332 1 Avbooklibrary 1 Avbooklibrary 2026-04-23 N/A
Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components.
CVE-2009-0329 1 Joomla 2 Com Pccookbook, Joomla 2026-04-23 N/A
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.
CVE-2009-0324 1 Bibciter 1 Bibciter 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php.
CVE-2007-3119 1 Kartli Alisveris Sistemi 1 Kartli Alisveris Sistemi 2026-04-23 N/A
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2009-0121 1 Goople Cms 1 Goople Cms 2026-04-23 N/A
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0106 1 Phpauctions 1 Phpauctions 2026-04-23 N/A
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
CVE-2009-0104 1 Se-ed 1 Ezpack 2026-04-23 N/A
SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action.
CVE-2009-0750 2 Tombstone, Txtsql 2 Smnews, Txtsql 2026-04-23 N/A
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-3030 1 Efes Tech Shop 1 Efes Tech Shop 2026-04-23 N/A
SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
CVE-2009-1409 1 E107 1 E107 2026-04-23 N/A
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320.
CVE-2007-6665 1 Netchemia 1 Oneschool 2026-04-23 N/A
SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to execute arbitrary SQL commands via the txtLoginID parameter.
CVE-2007-6670 1 Phpcredo 1 Phcdownload 2026-04-23 N/A
SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.
CVE-2007-6719 1 Inspector It 1 Wiz-ad 2026-04-23 N/A
SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6727 1 Max Kervin 1 Kervinet Forum 2026-04-23 N/A
SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2008-0026 1 Cisco 2 Unified Callmanager, Unified Communications Manager 2026-04-23 N/A
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
CVE-2008-0099 1 Myphp Forum 1 Myphp Forum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors.