Export limit exceeded: 363370 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19696 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19696 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4495 1 Select Development Solutions 1 Php Auto Dealer 2026-04-23 N/A
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
CVE-2008-0301 1 Mapbender 1 Mapbender 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrary SQL commands via the gaz parameter to mod_gazetteer_edit.php and other unspecified vectors.
CVE-2009-3082 1 Snowhall 1 Silurus System 2026-04-23 N/A
SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6890 1 Codetoad 1 Asp Forum Script 2026-04-23 N/A
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
CVE-2008-4466 1 Vastal I-tech 1 Cosmetics Zone 2026-04-23 N/A
SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-4157 1 Vastal 1 Phpvid 2026-04-23 N/A
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
CVE-2008-2457 1 Bitmixsoft 1 Php-jokesite 2026-04-23 N/A
SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-4621 1 Zeescripts 1 Zeeproperty 2026-04-23 N/A
SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-6695 2 Frank Naegler, Typo3 2 Timtab Sociable, Typo3 2026-04-23 N/A
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-2340 1 Opial 1 Opial 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtUserName (aka User Name) parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2890 1 Offl 1 Online Fantasy Football League 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php.
CVE-2008-4463 1 Vastal I-tech 1 Jobs Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2008-6274 1 Mjcreation 1 Familyproject 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in FamilyProject 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the logmbr parameter (aka login field) or (2) the mdpmbr parameter (aka pass or "Mot de passe" field). NOTE: some of these details are obtained from third party information.
CVE-2009-1851 1 Benjamin Curtis 1 Phpbugtracker 2026-04-23 N/A
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2129 1 Cine 1 Galleristic 2026-04-23 N/A
SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-4461 1 Vastal I-tech 1 Dating Zone 2026-04-23 N/A
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.
CVE-2008-4657 1 Typo3 2 Econda Plugin, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3945 1 Source Workshop 1 Words Tag Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Words tag 1.2 allows remote attackers to execute arbitrary SQL commands via the word parameter in a claim action.
CVE-2006-6038 1 Powie 1 Pforum 2026-04-23 N/A
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6236 1 Cafuego 1 Simple Document Management System 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.