Export limit exceeded: 364155 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19740 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5946 | 1 Php-fusion | 1 Php-fusion | 2026-04-23 | N/A |
| SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-5940 | 1 Modxcms | 1 Modxcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4904 | 1 Typosphere | 1 Typo | 2026-04-23 | N/A |
| SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter. | ||||
| CVE-2009-0494 | 2 Joomla, Mivaco | 2 Joomla, Com Portfol | 2026-04-23 | N/A |
| SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php. | ||||
| CVE-2008-5934 | 1 Cmsisweb | 1 Cms Isweb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter. | ||||
| CVE-2009-2601 | 2 Joomla, Joomlaequipment | 2 Joomla\!, Juser | 2026-04-23 | N/A |
| SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php. | ||||
| CVE-2009-2604 | 1 Zenhelpdesk | 1 Zen Help Desk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp. | ||||
| CVE-2009-2612 | 1 Prosmdr | 1 Prosmdr | 2026-04-23 | N/A |
| SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3659 | 1 Stanback | 1 Bs Counter | 2026-04-23 | N/A |
| SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2009-3491 | 2 Joomla, Kinfusion | 2 Joomla\!, Com Sportfusion | 2026-04-23 | N/A |
| SQL injection vulnerability in the Kinfusion SportFusion (com_sportfusion) component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php. | ||||
| CVE-2009-0493 | 1 Martin Unzner | 1 It\!cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username. | ||||
| CVE-2008-5930 | 1 The Net Guys | 1 Aspired2blog | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. | ||||
| CVE-2008-5927 | 1 China-on-site | 1 Flexphpnews | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5727 | 1 Netcat | 1 Netcat | 2026-04-23 | N/A |
| SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. | ||||
| CVE-2008-6268 | 1 Sadi Samami | 1 Multi Languages Webshop Online | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6272 | 1 Miticdjd | 1 Apoll | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the pass parameter. | ||||
| CVE-2009-3514 | 1 Marcin Manek | 1 D.net Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in a news action to dnet_admin/index.php. | ||||
| CVE-2009-4423 | 1 Weentech | 1 Weencompany | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4424 | 2 Imotta, Wordpress | 2 Pyrmont Plugin, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3543 | 1 Phenotype-cms | 1 Phenotype Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name). | ||||