Export limit exceeded: 363415 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1651 1 2daybiz 1 Business Community Script 2026-04-23 N/A
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2009-1258 2 Joomla, Rd-media 2 Joomla, Com Rdautos 2026-04-23 N/A
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1607 1 Serby Arslanhan 1 Bomba Haber 2026-04-23 N/A
SQL injection vulnerability in haberoku.php in Serbay Arslanhan Bomba Haber 2.0 allows remote attackers to execute arbitrary SQL commands via the haber parameter.
CVE-2008-2652 1 Smeweb 1 Smeweb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers to execute arbitrary SQL commands via the (1) idp and (2) category parameters.
CVE-2009-1799 1 Sebastian-thiele 1 St-gallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php.
CVE-2009-1347 1 Chcounter 1 Chcounter 2026-04-23 N/A
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field).
CVE-2008-2651 1 Joomla 1 Com Joobb 2026-04-23 N/A
SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the forum parameter in a forum action to index.php.
CVE-2009-1812 1 Collector 1 Mygesuad 2026-04-23 N/A
Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) budget.php, (4) zahlung.php, or (5) adresse.php in modules/, related to classes/class.perform.php.
CVE-2009-1813 1 Submitterscript 1 Submitterscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via (1) the uNev parameter (aka the username field) or (2) the uJelszo parameter (aka the Password field).
CVE-2009-1816 1 Mygamescript 1 My Game Script 2026-04-23 N/A
SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information.
CVE-2008-2643 1 Joomla 1 Com Biblestudy 2026-04-23 N/A
SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php.
CVE-2009-1819 1 2daybiz 1 Custom T-shirt Design Script 2026-04-23 N/A
SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1404 1 Pastel 1 Pastelcms 2026-04-23 N/A
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user (Username) parameter.
CVE-2008-2629 2 Drupal, Lifetype 2 Drupal, Lifetype 2026-04-23 N/A
SQL injection vulnerability in the LifeType (formerly pLog) module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php.
CVE-2008-0385 1 Urulu 1 Urulu 2026-04-23 N/A
SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to execute arbitrary SQL commands via the connectionId parameter to index.php with (1) statprt/js/request or (2) dyn/js/request in the PATH_INFO.
CVE-2009-1433 1 Silverstripe 1 Silverstripe 2026-04-23 N/A
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter.
CVE-2009-1850 1 Benjamin Curtis 1 Phpbugtracker 2026-04-23 N/A
SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2009-1851 1 Benjamin Curtis 1 Phpbugtracker 2026-04-23 N/A
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1852 1 Graphiks 1 Myforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
CVE-2009-1853 1 Kenseiboard 1 Kensei Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA (aka 2.0.0b) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) f and (2) t parameters in a showforum action.