Export limit exceeded: 364951 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19794 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4010 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: other vectors are covered by CVE-2006-3139. | ||||
| CVE-2005-4711 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-3904 | 1 Etomite | 1 Etomite | 2026-04-16 | N/A |
| SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2002-2383 | 1 F2html.pl | 1 F2html.pl | 2026-04-16 | N/A |
| SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names. | ||||
| CVE-2006-0413 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter. | ||||
| CVE-2003-0377 | 1 Iisprotect | 1 Iisprotect | 2026-04-16 | N/A |
| SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. | ||||
| CVE-2006-0961 | 1 Cilem | 1 Cilem Haber | 2026-04-16 | N/A |
| SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name. | ||||
| CVE-2005-3686 | 1 Newsboard | 1 Unclassified Newsboard | 2026-04-16 | N/A |
| SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php. | ||||
| CVE-2005-3845 | 1 Ezinvoiceinc | 1 Ez Invoice Inc | 2026-04-16 | N/A |
| SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email you the patch to fix this small issue." | ||||
| CVE-2006-1423 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter. | ||||
| CVE-2006-1500 | 1 Tilde | 1 Tilde Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2004-2754 | 1 Yabb | 1 Yabb Se | 2026-04-16 | N/A |
| SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions. | ||||
| CVE-2006-0192 | 1 Philip Loftin | 1 Aspsurvey | 2026-04-16 | N/A |
| SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 allows remote attackers to execute arbitrary SQL commands via the Password parameter to login.asp. | ||||
| CVE-2006-1501 | 1 Oneorzero | 1 Oneorzero | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action. | ||||
| CVE-2005-3748 | 1 Tru-zone | 1 Nukeet | 2026-04-16 | N/A |
| SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter. | ||||
| CVE-2006-0205 | 1 Wordcircle | 1 Wordcircle | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Wordcircle 2.17 allow remote attackers to (1) execute arbitrary SQL commands and bypass authentication via the password field in the login action to index.php (involving v_login.php and s_user.php) and (2) have other unknown impact via certain other fields in unspecified scripts. | ||||
| CVE-2005-4263 | 1 Envolution | 1 Envolution | 2026-04-16 | N/A |
| SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter. | ||||
| CVE-2006-3064 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) referer and (2) user-agent HTTP headers. | ||||
| CVE-2005-3046 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field. | ||||
| CVE-2006-3688 | 1 Francisco Charrua | 1 Photo-gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||