Export limit exceeded: 19727 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19727 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5122 1 Ektron 1 Cms4000.net 2026-04-23 N/A
SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter.
CVE-2008-5097 1 Myfwb 1 Myfwb 2026-04-23 N/A
SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-5088 1 Knowledgebase-script 1 Phpkb Knowledge Base Software 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
CVE-2008-5087 1 Typo3 2 Another Backend Login, Typo3 2026-04-23 N/A
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5075 1 Scriptsfrenzy 1 E-uploader Pro 2026-04-23 N/A
Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
CVE-2008-5064 1 H\&h 1 Websoccer 2026-04-23 N/A
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5058 1 Preproject 1 Pre Simple Cms 2026-04-23 N/A
SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5057 1 Aspindir 1 Dizi Portali 2026-04-23 N/A
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5055 1 Activecampaign 1 Triolive 2026-04-23 N/A
SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.
CVE-2008-5054 1 Develop It Easy 1 Membership System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5051 2 Jooblog, Joomla 2 Jooblog, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
CVE-2008-6438 2 E107, E107coders 2 E107, Macguru Blog Engine Plugin 2026-04-23 N/A
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
CVE-2008-6038 1 Mapcal 1 Mapcal 2026-04-23 N/A
SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.
CVE-2008-3256 1 Siteframe 2 Siteframe Beaumont, Siteframe Cms 2026-04-23 N/A
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6042 1 Netartmedia 1 Real Estate Portal 2026-04-23 N/A
SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php.
CVE-2008-2038 1 Turnkey Solutions 1 Sunshop Shopping Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6046 1 Adbnewssender Project 1 Adbnewssender 2026-04-23 N/A
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) opt_in_out.php.inc, (2) confirmation.php.inc, and (3) renewal.php.inc in mailinglist/.
CVE-2008-2915 1 Preprojects 1 Pre Job Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.
CVE-2008-2918 1 Application Dynamics 1 Cartweaver 2026-04-23 N/A
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3.
CVE-2008-2919 1 Gryphonllc 1 Gryphon Gllcts2 2026-04-23 N/A
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter.