Export limit exceeded: 19663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19663 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0773 3 Joomla, Mambo, Phil Taylor 4 Com Comments, Com Comments, Comments and 1 more 2026-04-23 N/A
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4373 1 Availscript 1 Availscript Jobs Portal Script 2026-04-23 N/A
SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote attackers to execute arbitrary SQL commands via the jid parameter.
CVE-2008-0934 2 Nukec, Php-nuke 2 Nukec, Nukec Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
CVE-2009-1799 1 Sebastian-thiele 1 St-gallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php.
CVE-2008-2897 1 Pagesquid 1 Pagesquid Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-0446 1 Julian Pawlowski 1 Lulieblog 2026-04-23 N/A
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6012 1 Gatesoft 1 Docusafe 2026-04-23 N/A
SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information.
CVE-2008-4369 1 Availscript 1 Availscript Photo Album 2026-04-23 N/A
SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2008-2856 1 Ownrs 1 Ownrs 2026-04-23 N/A
SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2572 1 Theflashblog 1 Flashblog 2026-04-23 N/A
SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote attackers to execute arbitrary SQL commands via the articulo_id parameter.
CVE-2007-2534 1 Phphoo3 1 Phphoo3 2026-04-23 9.8 Critical
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use
CVE-2008-7114 1 Ifusionservices 1 Ifdate 2026-04-23 N/A
SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.
CVE-2009-2786 2 Punbb, Reputation 2 Punbb, Reputation 2026-04-23 N/A
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the poster parameter.
CVE-2009-4560 1 Worms-league 1 Webleague 2026-04-23 N/A
SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-6093 1 Noname-cms 1 Noname Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action.
CVE-2008-0907 1 Php-nuke 1 Inhalt Module 2026-04-23 N/A
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-5046 1 Mole Group 1 Pizza Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter.
CVE-2008-2569 1 Joomla 1 Easybook Component 2026-04-23 N/A
SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php.
CVE-2008-0906 1 Php-nuke 1 Php-nuke Module Docum 2026-04-23 N/A
SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
CVE-2008-4777 2 Joomla, Mambo 3 Com Lms, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.