Search Results (19810 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5590 1 Kalptaru Infotech 1 Product Sale Framework 2026-04-23 N/A
SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter.
CVE-2008-5589 1 Katywhitton 1 Rankem 2026-04-23 N/A
SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information.
CVE-2008-5588 1 Katywhitton 1 Rankem 2026-04-23 N/A
SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter.
CVE-2008-5586 1 Check Up 1 Check New 2026-04-23 N/A
SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2010-0324 2 Patrick Bauerochse, Typo3 2 Ref List, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6088 2 Joomla, Joomtracker 2 Joomla, Com Joomtracker 2026-04-23 N/A
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.
CVE-2008-5295 1 Jamit Software 1 Jamit Job Board 2026-04-23 N/A
SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 allows remote attackers to execute arbitrary SQL commands via the show_emp parameter.
CVE-2008-5294 1 Bdigital Web Solutions 1 Webstudio Ecatalogue 2026-04-23 N/A
SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter.
CVE-2008-5293 1 Bdigital Web Solutions 1 Webstudio Ehotel 2026-04-23 N/A
SQL injection vulnerability in index.php in WebStudio eHotel allows remote attackers to execute arbitrary SQL commands via the pageid parameter.
CVE-2008-5292 1 Videogirls 1 Videogirls Biz 2026-04-23 N/A
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2008-6091 1 Bmforum 1 Bmforum 2026-04-23 N/A
SQL injection vulnerability in plugins.php in BMForum 5.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter.
CVE-2008-1870 1 Geek247 1 Pigmy-sql 2026-04-23 N/A
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1869 1 Site Sift Media 1 Site Sift Listings 2026-04-23 N/A
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific.
CVE-2008-7091 1 Pligg 1 Pligg Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php.
CVE-2008-6250 1 Comdev 1 Comdev Web Blogger 2026-04-23 N/A
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
CVE-2008-6255 1 Vbulletin 1 Vbulletin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
CVE-2008-1864 1 Prozilla 1 Prozilla Freelancers 2026-04-23 N/A
SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter.
CVE-2008-1863 1 Prozilla 1 Cheats 2026-04-23 N/A
SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5047 1 Mole Group 1 Rental Script 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-0384 1 Adam Tomecek 1 Ownrs 2026-04-23 N/A
SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.