Export limit exceeded: 19603 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19603 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1841 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the session_id variable, as exploited in the wild in April 2008. NOTE: the fix for CVE-2008-1840 was intended to address this vulnerability, but is actually inapplicable. | ||||
| CVE-2008-1844 | 1 W2b | 1 Phphotresources | 2026-04-23 | N/A |
| SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter. | ||||
| CVE-2008-1847 | 1 Coronamatrix | 1 Phpaddressbook | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2065 | 1 Yourfreeworld | 1 Jokes Site Script | 2026-04-23 | N/A |
| SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | ||||
| CVE-2008-2083 | 1 Prozilla | 1 Hosting Index | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-2084 | 2 Myarticles, Runcms | 2 Myarticles, Myarticles Module | 2026-04-23 | N/A |
| SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action. | ||||
| CVE-2008-6100 | 1 Berlios | 1 Discussion Forum 2k | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1.php and (b) RSS2.php in misc/; and the (2) SubID parameter to (c) misc/RSS5.php. | ||||
| CVE-2008-6104 | 1 A4desk | 1 A4desk Flash Event Calendar | 2026-04-23 | N/A |
| SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php. | ||||
| CVE-2008-2088 | 1 Phpforge | 1 Php Forge | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in the news module to admin.php. | ||||
| CVE-2008-2094 | 1 Xoops | 1 Article Module | 2026-04-23 | N/A |
| SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3413 | 1 Greatclone | 1 Auction Platinum | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | ||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | ||||
| CVE-2008-3414 | 1 Siteadmin | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter. | ||||
| CVE-2008-6114 | 2 E107, Mytipper | 2 E107, Zogo Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 allows remote attackers to execute arbitrary SQL commands via the product parameter. | ||||
| CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | ||||
| CVE-2008-3649 | 1 Articlefriendly | 1 Article Friendly | 2026-04-23 | N/A |
| SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter. | ||||
| CVE-2008-6116 | 2 Extrosoft, Joomla | 2 Com Thyme, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php. | ||||
| CVE-2008-6133 | 1 Ozsari | 1 Full Php Emlak Script | 2026-04-23 | N/A |
| SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. | ||||
| CVE-2008-6134 | 1 Drupal | 2 Drupal, Everyblog | 2026-04-23 | N/A |
| SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-3672 | 1 Pozscripts | 1 Classified Ads | 2026-04-23 | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3673. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||