Export limit exceeded: 19707 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19707 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4716 1 Phd 1 Help Desk 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6867 1 Scripts For Sites 1 Ez Career 2026-04-23 N/A
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2008-6281 1 Bluocms 1 Bluo Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4436 1 Bblog 1 Wbblog 2026-04-23 N/A
SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
CVE-2008-1465 3 Detodas, Joomla, Mambo-foundation 3 Com Restaurante, Joomla\!, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
CVE-2009-4437 1 Activewebsoftwares 1 Active Auction House 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Active Auction House 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to wishlist.asp and the (2) linkid parameter to links.asp. NOTE: vector 1 might overlap CVE-2005-1029.1.
CVE-2007-4892 1 Swsoft 1 Plesk 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3.
CVE-2009-0447 1 Aspindir 1 Mydesign Sayac 2026-04-23 N/A
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. NOTE: some of these details are obtained from third party information.
CVE-2008-3491 1 Scripts24 2 Ipost, Itgp 2026-04-23 N/A
SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action.
CVE-2009-3813 1 Runcms 1 Runcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php.
CVE-2009-4499 1 Zabbix 1 Zabbix 2026-04-23 N/A
SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the send_history_last_id function in zabbix_server/trapper/nodehistory.c.
CVE-2008-5774 1 Aspsiteware 1 Homebuilder 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp.
CVE-2008-5775 1 Apertoblog 1 Apertoblog 2026-04-23 N/A
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1890 2 Azrul, Joomla 2 Jom Comment, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3801 1 Opendocman 1 Opendocman 2026-04-23 N/A
SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass (aka Password) parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4900 1 Yourfreeworld 1 Classifieds Blaster Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3054 1 Typo3 1 Branchenbuch Extension 2026-04-23 N/A
SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0451 1 Skalinks 1 Skalinks 2026-04-23 N/A
SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL commands via the Admin name field to the default URI under admin/.
CVE-2008-6694 2 Fr.simon Rundell, Typo3 2 Ste Prayer, Typo3 2026-04-23 N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-5813 1 Spip 1 Spip 2026-04-23 N/A
SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.