Export limit exceeded: 19711 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19711 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5003 1 Shahrood 1 Shahrood 2026-04-23 N/A
SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4208 1 Open-school 1 Open-school 2026-04-23 N/A
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2007-5372 2 Dws Systems Inc., Ledgersmb 2 Sql-ledger, Ledgersmb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
CVE-2009-4206 1 Cmsnx 1 Million Dollar Text Links 2026-04-23 N/A
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4204 1 Ringsworld 1 Flashlight Free Edition 2026-04-23 N/A
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2236 1 Yourarticlesdirectory 1 Your Articles Directory 2026-04-23 N/A
SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-1613 1 Gowondesigns 1 Leap 2026-04-23 N/A
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
CVE-2008-5321 2 Xoops, Xoops Hocasi 2 Xoops, Gesgaleri 2026-04-23 N/A
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.
CVE-2007-0984 1 Aspcode.net 1 Pollmentor 2026-04-23 N/A
SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp.
CVE-2007-6362 1 Joomla 1 Rs Gallery2 2026-04-23 N/A
SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action.
CVE-2009-4200 2 Joomla, Vollmar 2 Joomla\!, Com Seminar 2026-04-23 N/A
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
CVE-2008-5165 1 Eticket 1 Eticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php.
CVE-2008-4494 1 Torrenttrader 1 Torrenttrader 2026-04-23 N/A
SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1895 1 Carboncommunities 1 Carbon Communities 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action.
CVE-2009-0965 1 Ismail Fahmi 1 Ganesha Digital Library 2026-04-23 N/A
SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php.
CVE-2009-2436 1 Phponlinedatingsoftware 1 Myphpdating 2026-04-23 N/A
SQL injection vulnerability in page.php in Online Dating Software MyPHPDating 1.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-2918 1 Application Dynamics 1 Cartweaver 2026-04-23 N/A
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3.
CVE-2009-2428 1 Tauschregal.de 1 Tausch Ticket Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors.
CVE-2009-2427 1 Jobbr 1 Jobbr 2026-04-23 N/A
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
CVE-2009-2383 2 Blogtrafficexchange, Wordpress 2 Related-sites, Wordpress 2026-04-23 N/A
SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter.