Export limit exceeded: 19733 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19733 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6284 | 1 1scripts | 1 Z1exchange | 2026-04-23 | N/A |
| SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter. | ||||
| CVE-2008-6358 | 1 Socialgroupie | 1 Social Groupie | 2026-04-23 | N/A |
| SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6281 | 1 Bluocms | 1 Bluo Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6365 | 1 Adserversolutions | 1 Ad Management Software | 2026-04-23 | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4424 | 2 Imotta, Wordpress | 2 Pyrmont Plugin, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6366 | 1 Adserversolutions | 1 Affiliate Software Java | 2026-04-23 | N/A |
| SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4423 | 1 Weentech | 1 Weencompany | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6272 | 1 Miticdjd | 1 Apoll | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the pass parameter. | ||||
| CVE-2008-6380 | 1 Activewebsoftwares | 1 Active Web Helpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2008-6268 | 1 Sadi Samami | 1 Multi Languages Webshop Online | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6383 | 1 Drupal | 2 Drupal, Storm | 2026-04-23 | N/A |
| SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6582 | 1 Miniweb2 | 1 Miniweb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | ||||
| CVE-2008-7119 | 1 Webidsupport | 1 Webid | 2026-04-23 | N/A |
| SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6391 | 1 Nexusjnr | 1 Jbook | 2026-04-23 | N/A |
| SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | ||||
| CVE-2008-7116 | 1 Webidsupport | 1 Webid | 2026-04-23 | N/A |
| SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | ||||
| CVE-2008-7114 | 1 Ifusionservices | 1 Ifdate | 2026-04-23 | N/A |
| SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field. | ||||
| CVE-2009-4198 | 1 Cupidsystems | 1 Myminibill | 2026-04-23 | N/A |
| SQL injection vulnerability in my_orders.php in MyMiniBill allows remote authenticated users to execute arbitrary SQL commands via the orderid parameter in a status action. | ||||
| CVE-2009-2354 | 1 Nulllogic | 1 Groupware | 2026-04-23 | N/A |
| SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-2359 | 1 Yasinkaplan | 1 Tekradius | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow context-dependent attackers to execute arbitrary SQL commands via (1) the GUI client, as demonstrated by input to the Browse Users text box in the Users tab; or (2) the command-line client, as demonstrated by a certain trcli -r command. | ||||
| CVE-2009-4414 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-23 | N/A |
| SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php. | ||||