Export limit exceeded: 363334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19678 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19678 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1626 | 1 Will Kraft | 1 Ez-blog | 2026-04-23 | N/A |
| SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-2632 | 1 Joomla | 2 Com Acctexp, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | ||||
| CVE-2008-6950 | 1 Webhost-panel | 1 Bankoi Webhosting Control Panel | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. | ||||
| CVE-2009-0337 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4700 | 1 Liberiacms | 1 Liberia Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter. | ||||
| CVE-2008-4713 | 1 212cafe | 1 212cafeboard | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter. | ||||
| CVE-2008-6964 | 1 X7 Group | 1 X7 Chat | 2026-04-23 | N/A |
| SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute arbitrary SQL commands via the password field. | ||||
| CVE-2008-4736 | 1 Aves | 1 Rpg Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter. | ||||
| CVE-2008-4738 | 1 Tufat | 1 Mycard | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2667 | 2 Courier-mta, Suse | 2 Courtier-authlib, Open Suse | 2026-04-23 | N/A |
| SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors. | ||||
| CVE-2009-4305 | 1 Moodle | 1 Moodle | 2026-04-23 | N/A |
| SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)." | ||||
| CVE-2008-2669 | 1 Y-blog | 1 Yblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php. | ||||
| CVE-2008-3153 | 1 Tritoncms | 1 Triton Cms Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | ||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-4746 | 1 Uniwin | 1 Ecart Professional | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp. | ||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | ||||
| CVE-2008-4755 | 1 Pozscripts | 1 Classified Auctions Script | 2026-04-23 | N/A |
| SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4757 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php. | ||||
| CVE-2009-2639 | 1 Mrcgiguy | 1 The Ticket System | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action. | ||||