Export limit exceeded: 363852 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19729 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6312 1 Manzovi 1 Proquiz 2026-04-23 N/A
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6311 1 Butterflymedia 1 Butterfly Organizer 2026-04-23 N/A
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.
CVE-2008-6309 1 W3matter 1 Askpert 2026-04-23 N/A
SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-4778 1 Joomla 1 Joomla 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777.
CVE-2008-6285 1 Businessvein 1 Php Tv Portal 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2008-6262 1 Infireal 1 Saturncms 2026-04-23 N/A
SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6261 1 E-topbiz 1 Admanager 2026-04-23 N/A
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter.
CVE-2008-6260 1 Ultrastats 1 Ultrastats 2026-04-23 N/A
SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter.
CVE-2008-6237 1 Scripts-for-sites 1 Hotscripts-like Site 2026-04-23 N/A
SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6236 1 Cafuego 1 Simple Document Management System 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6233 1 Fivedollarscripts 1 Drinks 2026-04-23 N/A
SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter.
CVE-2008-6227 1 Preproject 1 Pre Multi-vendor Shopping Malls 2026-04-23 N/A
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
CVE-2008-6226 1 Preproject 1 Php Auto Listings Script 2026-04-23 N/A
SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the itemno parameter.
CVE-2008-6220 1 Cafuego 1 Simple Document Management System 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.
CVE-2008-6165 1 Easy-script 1 Cspartner 2026-04-23 N/A
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
CVE-2009-1027 1 Opencart 1 Opencart 2026-04-23 N/A
SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL commands via the order parameter.
CVE-2008-6050 2 Ircmaxell, Joomla 2 Tech Article, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php.
CVE-2008-5978 1 Ocean12 Technologies 1 Mailing List Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.
CVE-2008-5785 1 V3chat 1 V3 Chat Profiles Dating Script 2026-04-23 N/A
SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
CVE-2008-5321 2 Xoops, Xoops Hocasi 2 Xoops, Gesgaleri 2026-04-23 N/A
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.