Export limit exceeded: 19810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4653 | 1 Phpbb | 1 Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter in a search action. | ||||
| CVE-2007-4604 | 1 Dinkumsoft.com | 1 Dl Paycart | 2026-04-23 | N/A |
| SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | ||||
| CVE-2007-4597 | 1 Turnkey Web Tools | 1 Sunshop Shopping Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549. | ||||
| CVE-2007-6467 | 1 Mkportal | 1 Mkportal | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote attackers to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action. | ||||
| CVE-2007-1154 | 1 Webspell | 1 Webspell | 2026-04-23 | N/A |
| SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782. | ||||
| CVE-2007-6462 | 1 Php Real Estate Classifieds | 1 Php Real Estate Classifieds Premium Plus | 2026-04-23 | N/A |
| SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-3705 | 1 Fusetalk | 1 Fusetalk | 2026-04-23 | N/A |
| SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm. | ||||
| CVE-2007-3677 | 1 Maxsi | 1 Evisit Analyst | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages. | ||||
| CVE-2008-5054 | 1 Develop It Easy | 1 Membership System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5055 | 1 Activecampaign | 1 Triolive | 2026-04-23 | N/A |
| SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php. | ||||
| CVE-2008-5057 | 1 Aspindir | 1 Dizi Portali | 2026-04-23 | N/A |
| SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5058 | 1 Preproject | 1 Pre Simple Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5064 | 1 H\&h | 1 Websoccer | 2026-04-23 | N/A |
| SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5075 | 1 Scriptsfrenzy | 1 E-uploader Pro | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php. | ||||
| CVE-2008-5087 | 1 Typo3 | 2 Another Backend Login, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3539 | 1 Qt-cute | 2 Quicktalk Forum, Quickticket | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in QuickTicket 1.2 build:20070621 and QuickTalk Forum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) t and (2) f parameters in (a) qti_ind_post.php and (b) qti_ind_post_prt.php; (3) dir and (4) order parameters in qti_ind_member.php; (5) id parameter in qti_usr.php; and the (6) f parameter in qti_ind_topic.php. NOTE: it was later reported that vector 5 also affects 1.4, 1.5, and 1.5.0.3. | ||||
| CVE-2008-5088 | 1 Knowledgebase-script | 1 Phpkb Knowledge Base Software | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909. | ||||
| CVE-2008-5097 | 1 Myfwb | 1 Myfwb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-5132 | 1 Memht | 1 Memht Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | ||||
| CVE-2007-5996 | 1 Softbizscripts | 1 Link Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449. | ||||