Export limit exceeded: 19645 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19645 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6779 1 Phpnuke 2 Php-nuke, Sarkilar Module 2026-04-23 N/A
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
CVE-2008-6776 1 Scripts-for-sites 1 Ez Hot Or Not 2026-04-23 N/A
SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.
CVE-2008-3291 1 Aprox 2 Aprox Cms Engine, Aproxengine 2026-04-23 N/A
SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6728 1 Phpnuke 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
CVE-2008-3026 1 Oneclick Cms 1 Oneclick Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3027 1 Vangogh Web Cms 1 Vangogh Web Cms 2026-04-23 N/A
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
CVE-2008-6338 2 Typo3, Weber-ebusiness 2 Typo3, Wes Facilities 2026-04-23 N/A
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6349 1 Turnkeyforms 1 Business Survey Pro 2026-04-23 N/A
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0109 1 Riotpix 1 Riotpix 2026-04-23 N/A
SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6350 1 Turnkeyforms 1 Local Classifieds 2026-04-23 N/A
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-6352 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.
CVE-2009-0110 1 Riotpix 1 Riotpix 2026-04-23 N/A
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2008-6362 1 Ezonelink 1 Multiple Membership Script 2026-04-23 N/A
SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3951 1 Vastal 1 Agent Zone 2026-04-23 N/A
SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the ann_id parameter.
CVE-2008-3954 1 Alstrasoft 1 Forum Pay Per Post Exchange 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showcat action.
CVE-2008-6390 1 Ocean12tech 1 Membership Manager Pro 2026-04-23 N/A
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6693 2 Sebastian Baumann, Typo3 2 Sb Downloader, Typo3 2026-04-23 N/A
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3955 1 Masir Camp 1 E-shop Module 2026-04-23 N/A
SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page.
CVE-2008-6392 1 1scripts 1 Z1exchange 2026-04-23 N/A
SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6394 1 Cs-cart 1 Cs-cart 2026-04-23 N/A
SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.