Export limit exceeded: 363428 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4736 1 Aves 1 Rpg Board 2026-04-23 N/A
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.
CVE-2008-4738 1 Tufat 1 Mycard 2026-04-23 N/A
SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2667 2 Courier-mta, Suse 2 Courtier-authlib, Open Suse 2026-04-23 N/A
SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
CVE-2009-0106 1 Phpauctions 1 Phpauctions 2026-04-23 N/A
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
CVE-2008-2669 1 Y-blog 1 Yblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php.
CVE-2008-3153 1 Tritoncms 1 Triton Cms Pro 2026-04-23 N/A
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2008-4743 1 Quidascript 1 Faq Management Script 2026-04-23 N/A
SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-4746 1 Uniwin 1 Ecart Professional 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp.
CVE-2008-2678 1 Telephone 1 Telephone Directory 2008 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php.
CVE-2008-4755 1 Pozscripts 1 Classified Auctions Script 2026-04-23 N/A
SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4757 1 Php-daily 1 Php-daily 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php.
CVE-2009-0104 1 Se-ed 1 Ezpack 2026-04-23 N/A
SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action.
CVE-2008-4765 1 Oscommerce 2 Online Merchant, Poll Booth 2026-04-23 N/A
SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-4766 1 O2php 1 Oxygen Bulletin Board 2026-04-23 N/A
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2700 1 Gwm 1 Galatolo Webmanager 2026-04-23 N/A
SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0750 2 Tombstone, Txtsql 2 Smnews, Txtsql 2026-04-23 N/A
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-7003 1 The-rat-cms 1 The-rat-cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter.
CVE-2008-4768 1 Tlm Cms 1 Tlm Cms 2026-04-23 N/A
SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6980 1 Phpadultsite 1 Phpadultsite Cms 2026-04-23 N/A
SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-4772 1 Questwork 1 Questcms 2026-04-23 N/A
SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter.