Export limit exceeded: 363285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19664 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19664 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6551 1 Mailmachinepro 1 Mailmachine Pro 2026-04-23 N/A
SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4090 1 Couponscript 1 Coupon Script 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672.
CVE-2007-4368 1 Ibm 1 Rational Clearquest 2026-04-23 N/A
SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
CVE-2008-0785 1 Cacti 1 Cacti 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
CVE-2008-4088 1 Myphpnuke 1 Myphpnuke 2026-04-23 N/A
SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2008-6573 1 Avaya 1 Communication Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request to the SIP server.
CVE-2007-4456 2 Mambo, Parkview Consultants 2 Mambo, Simplefaq 2026-04-23 N/A
SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo.
CVE-2008-4086 1 Source Workshop 1 Reciprocal Links Manager 2026-04-23 N/A
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action.
CVE-2008-4046 1 Elitecms 1 Elitecms 2026-04-23 N/A
SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-6488 1 Softcomplex 1 Php Image Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
CVE-2008-2093 3 Joomla, Joomlapolis, Mambo 3 Com Comprofiler, Community Builder, Com Comprofiler 2026-04-23 N/A
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.
CVE-2008-0255 1 Igamingcms 1 Igaming Cms 2026-04-23 N/A
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2007-4552 1 Agares Media 1 Arcadem 2026-04-23 N/A
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
CVE-2008-6485 1 Softcomplex 1 Php Image Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter.
CVE-2008-0815 2 Egitimhost, Joomla 2 Com Mezun, Com Mezun 2026-04-23 N/A
SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.
CVE-2008-0816 1 Com Sg 1 Com Sg 2026-04-23 N/A
SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.
CVE-2007-6656 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.
CVE-2008-0817 2 Joomla, Mambo 2 Com Filebase Component, Com Filebase Component 2026-04-23 N/A
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
CVE-2007-6658 1 Customcms 1 Ccms 2026-04-23 N/A
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
CVE-2008-0267 1 Eticket 1 Eticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.