Export limit exceeded: 19663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19663 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3913 | 1 Xerox | 1 Fiery Webtools | 2026-04-23 | N/A |
| SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter. | ||||
| CVE-2009-0604 | 1 Php Director | 1 Php Director | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the searching parameter. | ||||
| CVE-2008-5766 | 1 Fascript | 1 Faupload | 2026-04-23 | N/A |
| SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3118 | 1 Danneo | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to incorrect input sanitization in base/danneo.function.php. | ||||
| CVE-2008-0546 | 1 Shoppingtree | 1 Candypress Store | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp. | ||||
| CVE-2008-0543 | 1 Pre Projects | 1 Pre Dynamic Institution | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3119 | 2 Php-fusion, X-iweb.ru | 2 Php-fusion, Download System Msf | 2026-04-23 | N/A |
| SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | ||||
| CVE-2009-3148 | 1 Portalxp | 1 Portalxp | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php. | ||||
| CVE-2009-1034 | 1 Drupal | 1 Tasklist | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI. | ||||
| CVE-2009-3150 | 1 Multi-website | 1 Multi Website | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Multi Website 1.5 allows remote attackers to execute arbitrary SQL commands via the Browse parameter in a vote action. | ||||
| CVE-2009-3154 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567. | ||||
| CVE-2009-3319 | 1 Dimofinf | 1 Dawaween | 2026-04-23 | N/A |
| SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018. | ||||
| CVE-2009-0672 | 1 Ravenphpscripts | 1 Ravennuke | 2026-04-23 | N/A |
| SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php. | ||||
| CVE-2009-3321 | 1 Saphplesson | 1 Saphplesson | 2026-04-23 | N/A |
| SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header. | ||||
| CVE-2009-3325 | 2 Focusdev, Joomla | 2 Com Surveymanager, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. | ||||
| CVE-2009-3327 | 1 Webilix | 1 Wx-guestbook | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the (1) QUERY parameter to search.php and (2) USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-7169 | 2 Jabode, Joomla | 2 Com Jabode, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php. | ||||
| CVE-2009-3330 | 1 Cpecreator | 1 Cp Creator | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in cP Creator 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action. | ||||
| CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2026-04-23 | N/A |
| SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||