Export limit exceeded: 19582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19582 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1229 | 1 Arcadwy | 1 Arcadwy Arcade Script | 2026-04-23 | N/A |
| SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter. | ||||
| CVE-2008-5803 | 1 E-topbiz | 1 Online Store | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6291 | 1 Xigla | 1 Absolute Banner Manager.net | 2026-04-23 | N/A |
| SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manager .NET 4.0 allows remote attackers to execute arbitrary SQL commands via the z parameter. | ||||
| CVE-2009-0287 | 1 Keep Toolkit | 1 Keep Toolkit | 2026-04-23 | N/A |
| SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | ||||
| CVE-2008-0270 | 1 Taskfreak | 1 Taskfreak | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. | ||||
| CVE-2008-6691 | 2 Diocese Of Portsmouth, Typo3 | 2 Pd Calendar Today, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2009-4591 | 1 Secureideas | 1 Base | 2026-04-23 | N/A |
| SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2685 | 1 Battleblog | 1 Battleblog | 2026-04-23 | N/A |
| SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626. | ||||
| CVE-2009-2734 | 1 Achievo | 1 Achievo | 2026-04-23 | N/A |
| SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php. | ||||
| CVE-2009-4158 | 2 Mario Matzulla, Typo3 | 2 Cal, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Calendar Base (cal) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-5665 | 1 Xoops | 1 Xoops | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. | ||||
| CVE-2008-0137 | 1 Snetworks | 1 Php Classifieds | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | ||||
| CVE-2008-4355 | 1 Powie | 1 Pforum | 2026-04-23 | N/A |
| SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5590 | 1 Kalptaru Infotech | 1 Product Sale Framework | 2026-04-23 | N/A |
| SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. | ||||
| CVE-2008-3419 | 1 Greatclone | 1 Youtuber Clone | 2026-04-23 | N/A |
| SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbitrary SQL commands via the UID parameter. | ||||
| CVE-2008-0833 | 1 Joomla | 1 Com Galeria | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2009-2383 | 2 Blogtrafficexchange, Wordpress | 2 Related-sites, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter. | ||||
| CVE-2007-4984 | 2 Ktauber, Phpbb | 2 Stylesdemo, Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter. | ||||
| CVE-2008-2263 | 1 Cmsnx | 1 Automated Link Exchange Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc. | ||||
| CVE-2009-3582 | 1 Sql-ledger | 1 Sql-ledger | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation. | ||||