Export limit exceeded: 365157 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365157 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19808 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19808 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-7049 | 1 Natterchat | 1 Natterchat | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due to lack of details, it is not clear whether this is related to CVE-2004-2206. | ||||
| CVE-2009-1585 | 1 R020 | 1 Tematres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1584 | 1 R020 | 1 Tematres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php. | ||||
| CVE-2009-2239 | 1 Joomla | 4 Com Casiino Blackjack, Com Casino Videopoker, Com Casinobase and 1 more | 2026-04-23 | N/A |
| SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | ||||
| CVE-2009-4104 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2026-04-23 | N/A |
| SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php. | ||||
| CVE-2008-3206 | 1 Iamilkay | 1 Yuhhu Pubs Black Cat | 2026-04-23 | N/A |
| SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2008-1869 | 1 Site Sift Media | 1 Site Sift Listings | 2026-04-23 | N/A |
| SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific. | ||||
| CVE-2008-1870 | 1 Geek247 | 1 Pigmy-sql | 2026-04-23 | N/A |
| SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2026-04-23 | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-5733 | 1 Php-fusion | 2 Php-fusion, Team Impact Ti Blog System Module | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5588 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. | ||||
| CVE-2008-5589 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5590 | 1 Kalptaru Infotech | 1 Product Sale Framework | 2026-04-23 | N/A |
| SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. | ||||
| CVE-2009-0420 | 2 Joomla, Rd-media | 2 Joomla, Rd-autos | 2026-04-23 | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | ||||
| CVE-2008-6798 | 1 Preprojects | 1 Pre Real Estate Listings | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field). | ||||
| CVE-2009-3804 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter. | ||||
| CVE-2009-0968 | 2 Fahlstad, Wordpress | 2 Fmoblog Plugin, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3749 | 1 Yourfreeworld | 1 Banner Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2096 | 1 David Degner | 1 Phpcollegeexchange | 2026-04-23 | N/A |
| SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote attackers to execute arbitrary SQL commands via the itemnr parameter. | ||||
| CVE-2008-5665 | 1 Xoops | 1 Xoops | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. | ||||