Search Results (19816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6666 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.
CVE-2009-0882 1 Roman Bogorodskiy 1 Nforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
CVE-2007-3938 1 Maxdev 1 Mdpro 2026-04-23 N/A
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676.
CVE-2009-4583 1 Joomla 2 Com Dhforum, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.
CVE-2009-4582 1 Xoops 1 Xoops Dictionary 2026-04-23 N/A
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4577 1 Maxdev 2 Mdforum, Mdpro 2026-04-23 N/A
SQL injection vulnerability in the MDForum module 2.x through 2.07 for MAXdev MDPro allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.
CVE-2007-6663 2 Joomla, Pragmatic Utopia 2 Joomla, Pu Arcade 2026-04-23 N/A
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.
CVE-2007-3937 1 A-shop 1 A-shop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5607 2 Joomitaly, Joomla 2 Jmovies, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-4524 1 Adaptcms 1 Adaptcms 2026-04-23 N/A
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2008-5559 1 Dazzlindonna 1 Postecards 2026-04-23 N/A
SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-1848 2 Joomla, Joomlame 2 Joomla, Com Agoragroup 2026-04-23 N/A
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.
CVE-2009-3529 1 Radscripts 1 Radbids 2026-04-23 N/A
SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074.
CVE-2008-4590 1 Stash 1 Stash 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php.
CVE-2008-4599 1 Mosaic Commerce 1 Mosaic Commerce 2026-04-23 N/A
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-4603 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-4604 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2009-3528 1 Al4us 1 Mymsg 2026-04-23 N/A
SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action.
CVE-2008-1732 1 Predictionfootball 1 Predictionfootball 2026-04-23 N/A
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.
CVE-2008-4605 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.