Export limit exceeded: 19678 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19678 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6197 1 Kwsphp 2 Galerie Module, Kwsphp 2026-04-23 N/A
SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote attackers to execute arbitrary SQL commands via the id_gal parameter in a gal action.
CVE-2008-2125 1 Musicbox 1 Musicbox 2026-04-23 N/A
SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
CVE-2008-3720 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.
CVE-2008-3416 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2008-3722 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6202 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp.
CVE-2009-2359 1 Yasinkaplan 1 Tekradius 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow context-dependent attackers to execute arbitrary SQL commands via (1) the GUI client, as demonstrated by input to the Browse Users text box in the Users tab; or (2) the command-line client, as demonstrated by a certain trcli -r command.
CVE-2008-6203 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3417 1 Fipsasp 1 Fipscms Light 2026-04-23 N/A
SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561.
CVE-2008-3725 1 Yourfreeworld 1 Ad Board Script 2026-04-23 N/A
SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6204 1 Supernet 1 Supernet Shop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp.
CVE-2008-2135 1 Visualshapers 1 Ezcontents 2026-04-23 N/A
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php.
CVE-2008-6216 1 Bookingcentre 1 Booking System For Hotels Group 2026-04-23 N/A
SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to execute arbitrary SQL commands via the OfertaID parameter.
CVE-2008-6225 1 Mole-group 1 Airline Ticket Sale Script 2026-04-23 N/A
SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist.
CVE-2008-6230 1 Preprojects 1 Pre Podcast Portal 2026-04-23 N/A
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2354 1 Nulllogic 1 Groupware 2026-04-23 N/A
SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-3748 1 Lbstone 2 Active Php Bookmarks, Apb 2026-04-23 N/A
SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3750 1 Yourfreeworld 1 Url Rotator Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3751 1 Yourfreeworld 1 Short Url And Url Tracker Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3752 1 Yourfreeworld 1 Ad-exchange Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter.