Search Results (19841 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3027 1 Vangogh Web Cms 1 Vangogh Web Cms 2026-04-23 N/A
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
CVE-2008-6338 2 Typo3, Weber-ebusiness 2 Typo3, Wes Facilities 2026-04-23 N/A
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6349 1 Turnkeyforms 1 Business Survey Pro 2026-04-23 N/A
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0109 1 Riotpix 1 Riotpix 2026-04-23 N/A
SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6350 1 Turnkeyforms 1 Local Classifieds 2026-04-23 N/A
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-6352 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.
CVE-2009-0110 1 Riotpix 1 Riotpix 2026-04-23 N/A
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2008-6362 1 Ezonelink 1 Multiple Membership Script 2026-04-23 N/A
SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3918 1 Ovidentia 1 Ovidentia 2026-04-23 N/A
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6364 1 Adserversolutions 1 Banner Exchange Software 2026-04-23 N/A
SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information.
CVE-2009-3430 1 Allomani 1 Mobile 2026-04-23 N/A
SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
CVE-2008-3309 1 Digiappz 1 Digileave 2026-04-23 N/A
SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-2339 1 Turnkeywebtools 1 Sunshop Shopping Cart 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
CVE-2008-6368 1 Chipmunk Scripts 1 Chipmunk Guestbook 2026-04-23 N/A
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2008-3034 1 Rss Aggregator 1 Rss Aggregator 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
CVE-2008-3035 1 Xchangeboard 1 Xchangeboard 2026-04-23 N/A
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
CVE-2008-3487 1 Phpauctions 1 Phpauction Gpl Enhanced 2026-04-23 N/A
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-4335 1 Atomic Photo Album 1 Atomic Photo Album 2026-04-23 N/A
SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter.
CVE-2008-6783 1 Scripts-for-sites 1 Ez Home Business Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.