Export limit exceeded: 19781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19781 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6667 1 Myphp 1 Myphp Forum 2026-04-23 N/A
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
CVE-2007-6671 1 Instantsoftwares 1 Dating Site 2026-04-23 N/A
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information.
CVE-2008-2029 1 Minibb 1 Minibb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
CVE-2008-1039 1 Porar 1 Webboard 2026-04-23 N/A
SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter.
CVE-2008-6181 2 Joomla, Mad4media 2 Joomla, Com Mad4joomla 2026-04-23 N/A
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
CVE-2008-6179 1 Indexscript 1 Indexscript 2026-04-23 N/A
SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter, a different vector than CVE-2007-4069.
CVE-2008-1759 2 Jeuxflash, Kwsphp 2 Jeuxflash Module, Kwsphp 2026-04-23 N/A
SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922.
CVE-2008-1763 1 Blogator Script 1 Blogator Script 2026-04-23 N/A
SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter.
CVE-2008-2034 1 Wordpress 1 Download Monitor Plugin 2026-04-23 N/A
SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6466 1 Freewebshop 1 Freewebshop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action. NOTE: it was later reported that MOG - Web Shop (MOG-WebShop), a product based on the same code, is also affected.
CVE-2008-0089 1 Clip-share 1 Clipshare 2026-04-23 N/A
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
CVE-2007-6472 1 Phpmyrealty 1 Phpmyrealty 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 allow (1) remote attackers to execute arbitrary SQL commands via the type parameter to search.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the listing_updated_days parameter to admin/findlistings.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5273 1 Toddwoolums 1 Todd Woolums Asp News Management 2026-04-23 N/A
SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter.
CVE-2007-6484 1 Phprpg 1 Phprpg 2026-04-23 N/A
SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0752 2 Joomla, Mambo 2 Com Neogallery, Com Neogallery 2026-04-23 N/A
SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.
CVE-2008-0753 1 Vwar 1 Virtual War 2026-04-23 N/A
SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter.
CVE-2008-0130 1 Instantsoftwares 1 Dating Site 2026-04-23 N/A
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0754 1 Joomla 1 Com Rapidrecipe 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action.
CVE-2008-0761 1 Joomla 1 Com Pcchess 2026-04-23 N/A
SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action.
CVE-2008-0142 1 Webportal 1 Webportal Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors.