Export limit exceeded: 19795 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19795 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6319 1 Cfmsource 1 Cf Calendar 2026-04-23 N/A
SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter.
CVE-2008-6276 2 Drupal, Joomla 2 User Karma Module, Joomla\! 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary SQL commands via (1) a content type or (2) a voting API value.
CVE-2008-6266 1 Appstate 1 Phpwebsite 2026-04-23 N/A
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
CVE-2008-6257 1 Openasp 1 Openasp 2026-04-23 N/A
SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module.
CVE-2008-6256 1 Vbulletin 1 Vbulletin 2026-04-23 N/A
SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022.
CVE-2008-6255 1 Vbulletin 1 Vbulletin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
CVE-2008-6213 1 Harlandscripts 1 Pro Traffic One 2026-04-23 N/A
SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the trg parameter.
CVE-2008-6209 1 Vastal 1 Software Zone 2026-04-23 N/A
SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-6040 1 Agares Media 1 Arcadem Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
CVE-2008-5273 1 Toddwoolums 1 Todd Woolums Asp News Management 2026-04-23 N/A
SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter.
CVE-2008-4204 1 Softacid 1 Hotel Reservation System 2026-04-23 N/A
SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.
CVE-2008-4185 1 Webcms 1 Webcms Portal Edition 2026-04-23 N/A
SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter in a documentos action, a different vector than CVE-2008-3213.
CVE-2008-4144 1 Discountedscripts 1 E-gold Script Shop 2026-04-23 N/A
SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action.
CVE-2008-4143 1 Razorecommerce 1 Shopping Cart 2026-04-23 N/A
SQL injection vulnerability in category_search.php in RazorCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4082 1 Brim-project 1 Brim 2026-04-23 N/A
SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php.
CVE-2008-5650 1 Alstrasoft 1 Webhost Directory 2026-04-23 N/A
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter.
CVE-2008-4074 1 Zanfi Solutions 1 Autodealers Cms Autonline 2026-04-23 N/A
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-5213 1 Aj Square 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action.
CVE-2008-3867 1 Cce-interact 1 Interact 2026-04-23 N/A
SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.
CVE-2009-4217 2 Itamar Elharar, Joomla 2 Com Musicgallery, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.