Search Results (19737 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6093 1 Noname-cms 1 Noname Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action.
CVE-2008-5057 1 Aspindir 1 Dizi Portali 2026-04-23 N/A
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5055 1 Activecampaign 1 Triolive 2026-04-23 N/A
SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.
CVE-2008-5054 1 Develop It Easy 1 Membership System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5051 2 Jooblog, Joomla 2 Jooblog, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
CVE-2009-4566 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0984 1 Aspcode.net 1 Pollmentor 2026-04-23 N/A
SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp.
CVE-2007-2000 1 Raphael Limbach 1 Crea-book 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter.
CVE-2009-1661 1 Anoldman 1 Utopic 2026-04-23 N/A
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
CVE-2009-3669 2 Foobla, Joomla 2 Com Foobla Suggestions, Joomla 2026-04-23 N/A
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php.
CVE-2009-3665 1 Nullam 1 Nullam Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action.
CVE-2008-6810 1 Bookingcentre 1 Booking System For Hotels Group 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allow remote attackers to execute arbitrary SQL commands via the (1) myusername (username) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2009-4360 2 Handcoders, Xoops 2 Content Module, Xoops 2026-04-23 N/A
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2009-3661 2 Blueconstantmedia, Joomla 2 Com Djcatalog, Joomla 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
CVE-2009-3659 1 Stanback 1 Bs Counter 2026-04-23 N/A
SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2009-3713 1 Morcego 1 Morcegocms 2026-04-23 N/A
SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string.
CVE-2009-3715 1 Maniacomputer 1 Mcshoutbox 2026-04-23 N/A
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2008-2183 1 Toocharger 1 Smartblog 2026-04-23 N/A
SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter.
CVE-2009-1655 1 Easy-scripts 1 Answer And Question Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
CVE-2009-4540 1 Bpowerhouse 1 Mini Cms 2026-04-23 N/A
SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.