Export limit exceeded: 19728 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19728 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6261 1 E-topbiz 1 Admanager 2026-04-23 N/A
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter.
CVE-2008-1065 1 Xoops 1 Xm Memberstats 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6260 1 Ultrastats 1 Ultrastats 2026-04-23 N/A
SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter.
CVE-2008-6237 1 Scripts-for-sites 1 Hotscripts-like Site 2026-04-23 N/A
SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6586 1 Niclor 1 Niclor 2026-04-23 N/A
SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.
CVE-2009-4470 1 Dvbbs 1 Dvbbs 2026-04-23 N/A
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter.
CVE-2007-4456 2 Mambo, Parkview Consultants 2 Mambo, Simplefaq 2026-04-23 N/A
SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo.
CVE-2008-2203 1 Maianscriptworld 1 Maian Search 2026-04-23 N/A
SQL injection vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.
CVE-2008-2205 1 Maianscriptworld 1 Maian Music 2026-04-23 N/A
SQL injection vulnerability in index.php in Maian Music 1.1 allows remote attackers to execute arbitrary SQL commands via the album parameter in an album action.
CVE-2008-3092 1 Drupal 1 Taxonomy Autotagger Module 2026-04-23 N/A
SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0801 3 Joomla, Mambo-foundation, Paxxgallery 3 Joomla\!, Mambo, Com Paxxgallery 2026-04-23 N/A
SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter.
CVE-2008-3083 2 Brightcode, Joomla 2 Brightcode Weblinks Module, Com Brightweblinks 2026-04-23 N/A
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-3058 1 Octeth 1 Oempro 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Octeth Oempro 3.5.5.1, and possibly other versions before 4, allow remote attackers to execute arbitrary SQL commands via the FormValue_Email parameter (aka Email field) to index.php in (1) member/, (2) client/, or (3) admin/; or (4) the FormValue_SearchKeywords parameter to client/campaign_track.php.
CVE-2008-3056 1 Typo3 1 Codeon Petition Extension 2026-04-23 N/A
SQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-6299 1 Drupal 1 Drupal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules.
CVE-2008-3051 1 Typo3 1 Pinboard Extension 2026-04-23 N/A
SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-5123 1 Solidweb 1 Novus 2026-04-23 N/A
SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary SQL commands via the nota_id parameter.
CVE-2008-2989 1 Homap 1 Homap 2026-04-23 N/A
SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter.
CVE-2008-2964 1 Researchguide 1 Researchguide 2026-04-23 N/A
SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2963 1 Myblog 1 Myblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.