Search Results (19810 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3725 1 Yourfreeworld 1 Ad Board Script 2026-04-23 N/A
SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3417 1 Fipsasp 1 Fipscms Light 2026-04-23 N/A
SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561.
CVE-2008-6203 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6202 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp.
CVE-2008-3722 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3416 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2008-2996 1 Gravityboardx 1 Gravity Board X 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.
CVE-2008-3720 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.
CVE-2007-6373 1 Gestdown 1 Gestdown 2026-04-23 N/A
Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow remote attackers to execute arbitrary SQL commands via the (1) categorie parameter to catdownload.php, or the id parameter to (2) download.php or (3) hitcounter.php.
CVE-2007-6318 1 Wordpress 1 Wordpress 2026-04-23 N/A
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character.
CVE-2009-4046 1 Frontaccounting 1 Frontaccounting 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) bank_accounts.php, (2) currencies.php, (3) exchange_rates.php, (4) gl_account_types.php, and (5) gl_accounts.php in gl/manage/; and (6) audit_trail_db.inc, (7) comments_db.inc, (8) inventory_db.inc, (9) manufacturing_db.inc, and (10) references_db.inc in includes/db/.
CVE-2007-5233 1 Deonixscripts 1 Web Template Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.
CVE-2008-2125 1 Musicbox 1 Musicbox 2026-04-23 N/A
SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
CVE-2008-6197 1 Kwsphp 2 Galerie Module, Kwsphp 2026-04-23 N/A
SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote attackers to execute arbitrary SQL commands via the id_gal parameter in a gal action.
CVE-2008-2124 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter.
CVE-2008-3713 1 Phpbasket 1 Phpbasket 2026-04-23 N/A
SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter.
CVE-2008-4620 1 Mrbs 1 Mrbs 2026-04-23 N/A
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
CVE-2008-3711 1 Phparcadescript 1 Phparcadescript 2026-04-23 N/A
SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action.
CVE-2007-3539 1 Qt-cute 2 Quicktalk Forum, Quickticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in QuickTicket 1.2 build:20070621 and QuickTalk Forum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) t and (2) f parameters in (a) qti_ind_post.php and (b) qti_ind_post_prt.php; (3) dir and (4) order parameters in qti_ind_member.php; (5) id parameter in qti_usr.php; and the (6) f parameter in qti_ind_topic.php. NOTE: it was later reported that vector 5 also affects 1.4, 1.5, and 1.5.0.3.
CVE-2008-6184 2 Joomla, Medialab-karlsruhe 2 Joomla, Ownbiblio 2026-04-23 N/A
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.