Export limit exceeded: 19689 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19689 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2972 1 Kblance 1 Kblance 2026-04-23 N/A
SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action.
CVE-2008-3306 1 Youtube Blog 1 Youtube Blog 2026-04-23 N/A
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3240 1 Alstrasoft 1 Affiliate Network Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.
CVE-2009-3834 2 Joomla, Webguerilla 2 Joomla, Com Photoblog 2026-04-23 N/A
SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php.
CVE-2009-3718 1 Davethewebguy 1 Battle Blog 2026-04-23 N/A
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter.
CVE-2008-3765 1 Discountedscripts 1 Quick Poll Script 2026-04-23 N/A
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3223 2 Drupal, Fedoraproject 2 Drupal, Fedora 2026-04-23 N/A
SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
CVE-2008-3154 1 Webblizzard 1 Content Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-3151 2 Phpnuke, Warpspeed 2 4ndvddb, 4ndvddb 2026-04-23 N/A
SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.
CVE-2008-5806 1 Deltascripts 1 Php Classifieds 2026-04-23 N/A
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.
CVE-2008-3393 1 Infomining 1 Bookmine 2026-04-23 N/A
SQL injection vulnerability in events.cfm in BookMine allows remote attackers to execute arbitrary SQL commands via the events_id parameter.
CVE-2008-5767 1 Gazatem 1 Gnews Publisher 2026-04-23 N/A
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
CVE-2008-3089 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2008-5739 1 Pligg 1 Pligg Cms 2026-04-23 N/A
SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter.
CVE-2008-5737 1 Nodstrum 1 Mysql Calendar 2026-04-23 N/A
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-3044 1 Typo3 1 News Calendar Extension 2026-04-23 N/A
SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3055 1 Typo3 1 Support View Extension 2026-04-23 N/A
SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-3667 1 Adsdx 1 Adsdx 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows remote attackers to execute arbitrary SQL commands via the Username.
CVE-2008-6695 2 Frank Naegler, Typo3 2 Timtab Sociable, Typo3 2026-04-23 N/A
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6696 2 Manu Oehler, Typo3 2 Toto, Typo3 2026-04-23 N/A
SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.