Export limit exceeded: 19792 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0479 1 Onlinegrades 1 Online Grades 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0808 1 Simple Cmms 1 Simplecmms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5863 2 V-gn, Woltlab 2 Userlocator, Burning Board 2026-04-23 N/A
SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user action.
CVE-2008-5859 1 Constructr 1 Constructr-cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter.
CVE-2008-4465 1 Vastal I-tech 1 Dvd Zone 2026-04-23 N/A
SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-5820 1 Edreamers 1 Ednews 2026-04-23 N/A
SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
CVE-2008-5817 1 Web Scribble Solutions 1 Webclassifieds 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Web Scribble Solutions webClassifieds 2005 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) password fields in a sign_in action.
CVE-2008-5816 1 Ilias 1 Ilias 2026-04-23 N/A
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ref_id parameter.
CVE-2008-5815 1 Phpalumni 1 Phpalumni 2026-04-23 N/A
SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5813 1 Spip 1 Spip 2026-04-23 N/A
SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-0462 1 Clicktech 1 Clickcart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5811 1 Joomla 2 Com Paxgallery, Joomla 2026-04-23 N/A
SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
CVE-2009-0458 1 Wholehogsoftware 1 Ware Support 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information.
CVE-2008-5805 1 Deltascripts 1 Php Classifieds 2026-04-23 N/A
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.
CVE-2008-4517 1 Geccbblite 1 Geccbblite 2026-04-23 N/A
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5804 1 E-topbiz 1 Number Links 1 Php Script 2026-04-23 N/A
SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
CVE-2009-0454 1 Dmxready 1 Online Notebook Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in DMXReady Online Notebook Manager 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. NOTE: some third parties report inability to verify this issue.
CVE-2008-5803 1 E-topbiz 1 Online Store 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information.
CVE-2008-4518 1 Fastpublish 1 Fastpublish Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
CVE-2008-5609 1 Typo3 2 Commerce Extension, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.