Export limit exceeded: 363428 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19719 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4736 | 1 Aves | 1 Rpg Board | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter. | ||||
| CVE-2008-4738 | 1 Tufat | 1 Mycard | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2667 | 2 Courier-mta, Suse | 2 Courtier-authlib, Open Suse | 2026-04-23 | N/A |
| SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors. | ||||
| CVE-2009-0106 | 1 Phpauctions | 1 Phpauctions | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2008-2669 | 1 Y-blog | 1 Yblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php. | ||||
| CVE-2008-3153 | 1 Tritoncms | 1 Triton Cms Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | ||||
| CVE-2008-4743 | 1 Quidascript | 1 Faq Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-4746 | 1 Uniwin | 1 Ecart Professional | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp. | ||||
| CVE-2008-2678 | 1 Telephone | 1 Telephone Directory 2008 | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php. | ||||
| CVE-2008-4755 | 1 Pozscripts | 1 Classified Auctions Script | 2026-04-23 | N/A |
| SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4757 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Daily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php. | ||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | ||||
| CVE-2008-4765 | 1 Oscommerce | 2 Online Merchant, Poll Booth | 2026-04-23 | N/A |
| SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||
| CVE-2008-4766 | 1 O2php | 1 Oxygen Bulletin Board | 2026-04-23 | N/A |
| SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2700 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0750 | 2 Tombstone, Txtsql | 2 Smnews, Txtsql | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-7003 | 1 The-rat-cms | 1 The-rat-cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter. | ||||
| CVE-2008-4768 | 1 Tlm Cms | 1 Tlm Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6980 | 1 Phpadultsite | 1 Phpadultsite Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4772 | 1 Questwork | 1 Questcms | 2026-04-23 | N/A |
| SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | ||||