Export limit exceeded: 19661 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19661 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6694 2 Fr.simon Rundell, Typo3 2 Ste Prayer, Typo3 2026-04-23 N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3452 1 Endonesia 2 Calendar Module, Endonesia 2026-04-23 N/A
SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.
CVE-2008-3490 1 E-topbiz 1 Online Dating 2026-04-23 N/A
SQL injection vulnerability in members/mail.php in E-topbiz Online Dating 3 1.0 allows remote authenticated users to execute arbitrary SQL commands via the mail_id parameter in a veiw action.
CVE-2008-3090 1 Blognplus 1 Blognplus 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
CVE-2008-4760 1 Graphiks 1 Myforum 2026-04-23 N/A
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0469 1 Tiger Php News System 1 Tiger Php News System 2026-04-23 N/A
SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action.
CVE-2009-0574 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-4604.
CVE-2008-4303 1 Php-collab 1 Php-collab 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.
CVE-2007-5272 1 Furkan Tastan Blog 1 Furkan Tastan Blog 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.
CVE-2008-1613 1 Reddot 1 Cms 2026-04-23 N/A
SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter.
CVE-2008-2492 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
CVE-2008-2498 1 Mambo-foundation 1 Mambo 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
CVE-2007-5189 1 X-script 1 Guestbook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) icq, and (4) website parameters.
CVE-2007-6366 1 Sinecms 1 Sinecms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_adm.php in a (2) Guestbook modifica or (3) Calendar modify action; or the (4) mese or (5) anno parameter to admin/mods_adm.php in a Calendar action. NOTE: the component for vectors 2 through 5 might be limited to administrators.
CVE-2007-6579 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. NOTE: it was later reported that the vlanview.php and vlandel.php vectors are also in 0.4.
CVE-2009-2290 2 Joomla, Kim Eckert 2 Joomla\!, Com Bsadv 2026-04-23 N/A
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php.
CVE-2007-6580 1 Wallpaper 1 Wallpaper Complete Website 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php.
CVE-2009-2276 2 Biglle, Punbb 2 Vote For Us Extension, Punbb 2026-04-23 N/A
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.
CVE-2008-4328 1 Easyrealtorpro 1 Easyrealtorpro 2026-04-23 N/A
SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.