Export limit exceeded: 19683 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19683 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1990 | 1 Acidcat | 1 Acidcat Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp. | ||||
| CVE-2007-4984 | 2 Ktauber, Phpbb | 2 Stylesdemo, Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter. | ||||
| CVE-2008-6484 | 1 Mole-group | 1 Taxi Calc Dist Script | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field. | ||||
| CVE-2007-1548 | 1 Webwizguide | 1 Web Wiz Forums | 2026-04-23 | N/A |
| SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp. | ||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | ||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | ||||
| CVE-2008-6730 | 1 China-on-site | 1 Flexphplink | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | ||||
| CVE-2008-1220 | 1 Phpnuke | 1 4nchat | 2026-04-23 | N/A |
| SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1573 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field. | ||||
| CVE-2008-2096 | 1 Backlinkspider | 1 Backlink Spider | 2026-04-23 | N/A |
| SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php. | ||||
| CVE-2008-6777 | 1 Myphp | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667. | ||||
| CVE-2008-6780 | 1 Scripts-for-sites | 1 Ez Affiliate | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-6781 | 1 Scripts-for-sites | 1 Ez Gaming Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-6782 | 1 Scripts-for-sites | 1 Ez Hosting Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-6784 | 1 Scripts-for-sites | 1 Ez Adult Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2009-1503 | 1 Tigerdms | 1 Tigerdms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in Tiger Document Management System (DMS) allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2009-1508 | 1 Keir Davis | 1 X-forum | 2026-04-23 | N/A |
| SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php. | ||||
| CVE-2009-1509 | 1 Myiosoft | 1 Ajaxportal | 2026-04-23 | N/A |
| SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-2118 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | N/A |
| SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||