Export limit exceeded: 364815 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19778 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19778 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5643 2 Joomla, Mambo 3 Com Books, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
CVE-2008-2865 1 Kalptaru Infotech 1 Php Site Lock 2026-04-23 N/A
SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action.
CVE-2007-6381 1 Typo3 1 Typo3 2026-04-23 N/A
SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0650 1 Simple Os Cms 1 Simple Os Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1909 1 Chadha Software Technologies 1 Phpkb Knowledge Base 2026-04-23 N/A
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-2892 2 Feellove, Joomla 2 Exp Shop Component, Com Expshop 2026-04-23 N/A
SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.
CVE-2008-2394 1 Tagworx 1 Tagworx Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
CVE-2008-2893 1 Ajhyip 1 Aj Square Aj-hyip 2026-04-23 N/A
SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.
CVE-2008-2113 1 Phpeasydata 1 Phpeasydata 2026-04-23 N/A
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-2904 1 Phpmycart 1 Phpmycart 2026-04-23 N/A
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2384 3 Apache, Joey Schulze, Redhat 3 Http Server, Mod Auth Mysql, Enterprise Linux 2026-04-23 N/A
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
CVE-2007-3705 1 Fusetalk 1 Fusetalk 2026-04-23 N/A
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm.
CVE-2007-3677 1 Maxsi 1 Evisit Analyst 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages.
CVE-2008-2909 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2007-4922 2 Jeuxflash, Kwsphp 2 Jeuxflash Module, Kwsphp 2026-04-23 N/A
SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.
CVE-2007-4602 1 Implied By Design 1 Micro Cms 2026-04-23 N/A
SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6303 1 Toursmanager 1 Tours Manager 2026-04-23 N/A
SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter.
CVE-2008-6304 1 Xt-commerce 1 Xt-commerce 2026-04-23 N/A
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-5630 1 Bbsprocess 1 Bbportals 2026-04-23 N/A
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action.
CVE-2008-7120 1 Mrcgiguy 1 Hot Links Sql-php 2026-04-23 N/A
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.