Export limit exceeded: 363637 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19727 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19727 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4204 1 Ringsworld 1 Flashlight Free Edition 2026-04-23 N/A
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0377 1 Joomla 2 Com Beamospetition, Joomla 2026-04-23 N/A
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.
CVE-2007-3119 1 Kartli Alisveris Sistemi 1 Kartli Alisveris Sistemi 2026-04-23 N/A
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2008-2208 1 Maianscriptworld 1 Maian Greeting 2026-04-23 N/A
SQL injection vulnerability in index.php in Maian Greeting 2.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.
CVE-2008-5952 1 Ktp Computer Customer Database 1 Ktp Computer Customer Database 2026-04-23 N/A
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI.
CVE-2007-6164 1 Eurologon 1 Eurologon Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Eurologon CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) reviews.php, (2) links.php and (3) articles.php.
CVE-2009-4591 1 Secureideas 1 Base 2026-04-23 N/A
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-0881 1 Josema Enzo 1 Isiajax 2026-04-23 N/A
SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5865 2 Joomla, Joomlahbs 2 Joomla, Hotel Booking Reservation System 2026-04-23 N/A
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
CVE-2007-3301 1 Fusetalk 1 Fusetalk 2026-04-23 N/A
SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273.
CVE-2006-6157 1 Michaelis Freunde 1 Contentnow 2026-04-23 N/A
SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.
CVE-2008-3412 1 Ecshop 1 Epshop 2026-04-23 N/A
SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a (1) pro_show or (2) disppro action to the default URI.
CVE-2009-1024 1 Beerwin 1 Phplinkadmin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors.
CVE-2009-1023 1 Phpcomasy 1 Phpcomasy 2026-04-23 N/A
SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter.
CVE-2008-3845 1 Craftysyntax 1 Crafty Syntax Live Help 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
CVE-2008-3341 1 Jobbex 1 Jobsite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0299 1 Groonesworld 1 Glinks 2026-04-23 N/A
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-0253 1 Binn 1 Sbuilder 2026-04-23 N/A
SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.
CVE-2009-0295 1 Itlpoll 1 Itpoll 2026-04-23 N/A
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3240 1 Alstrasoft 1 Affiliate Network Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.