Export limit exceeded: 19663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19663 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4203 1 Czaries 1 Czarnews 2026-04-23 N/A
SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie.
CVE-2008-4623 2 Joomla, Martin Diphoorn 2 Joomla, Com Ds-syndicate 2026-04-23 N/A
SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.
CVE-2008-5959 1 Active Web Softwares 1 Active Test 2026-04-23 N/A
Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information.
CVE-2008-5927 1 China-on-site 1 Flexphpnews 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-1486 1 Phorum 1 Phorum 2026-04-23 N/A
SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
CVE-2008-5294 1 Bdigital Web Solutions 1 Webstudio Ecatalogue 2026-04-23 N/A
SQL injection vulnerability in index.php in WebStudio eCatalogue allows remote attackers to execute arbitrary SQL commands via the pageid parameter.
CVE-2009-4576 2 Cmstactics, Joomla 2 Com Beeheard, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
CVE-2009-0493 1 Martin Unzner 1 It\!cms 2026-04-23 N/A
SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username.
CVE-2008-5292 1 Videogirls 1 Videogirls Biz 2026-04-23 N/A
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2008-0832 2 Joomla, Mambo 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran 2026-04-23 N/A
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.
CVE-2007-0642 1 Rbl 1 Tforum 2026-04-23 N/A
SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.
CVE-2008-0842 1 Joomla 1 Com Clasifier 2026-04-23 N/A
SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-0737 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter.
CVE-2008-1859 1 Iscripts 1 Socialware 2026-04-23 N/A
SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2008-5877 1 Phpclanwebsite 1 Phpclanwebsite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0444.
CVE-2008-1858 1 724cms 1 724cms 2026-04-23 N/A
SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-2447 1 Mytipper 1 Zogo Shop 2026-04-23 N/A
SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-3669 1 Zeescripts 1 Zeereviews 2026-04-23 N/A
SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2008-6890 1 Codetoad 1 Asp Forum Script 2026-04-23 N/A
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
CVE-2008-6427 1 Hivemaker 1 Hivemaker 2026-04-23 N/A
SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.