Export limit exceeded: 19786 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19786 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2102 2 Com Jumi, Joomla 2 Com Jumi, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php.
CVE-2008-7044 1 Ajsquare 1 Free Polling Script 2026-04-23 N/A
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.
CVE-2008-4599 1 Mosaic Commerce 1 Mosaic Commerce 2026-04-23 N/A
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-0604 1 Php Director 1 Php Director 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the searching parameter.
CVE-2008-4603 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-4604 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2008-4605 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
CVE-2008-4606 1 Ip Reg 1 Ip Reg 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
CVE-2008-4611 1 Php Arsivimiz 1 Php Ziyaretci Defteri 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-6866 1 Php-nuke 1 Current Issue Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
CVE-2008-6865 2 Php-nuke, Phpnuke 2 Sections Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
CVE-2008-7059 1 Aled Owen 1 One-news 2026-04-23 N/A
SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter.
CVE-2009-2096 1 David Degner 1 Phpcollegeexchange 2026-04-23 N/A
SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote attackers to execute arbitrary SQL commands via the itemnr parameter.
CVE-2008-5665 1 Xoops 1 Xoops 2026-04-23 N/A
SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter.
CVE-2009-2097 1 Zokisoft 1 Zoki Catalog 2026-04-23 N/A
SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-2099 2 Ijoomla, Joomla 2 Com Rssfeeder, Joomla 2026-04-23 N/A
SQL injection vulnerability in the iJoomla RSS Feeder (com_ijoomla_rss) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in an xml action to index.php.
CVE-2008-6985 1 Zen-cart 1 Zen Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
CVE-2008-4675 1 Phpcounter 1 Phpcounter 2026-04-23 N/A
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2009-2113 1 Fretsweb Project 1 Fretsweb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php.
CVE-2009-2122 2 Paolo Palmonari, Wordpress 2 Photoracer Plugin For Wordpress, Wordpress 2026-04-23 N/A
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.