Export limit exceeded: 23197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19728 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19728 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0874 1 Xoops 1 Eempregos Module 2026-04-23 N/A
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2008-4746 1 Uniwin 1 Ecart Professional 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp.
CVE-2008-4743 1 Quidascript 1 Faq Management Script 2026-04-23 N/A
SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-0601 1 All Club Cms 1 All Club Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-2850 1 Drupal 1 Trailscout Module 2026-04-23 N/A
SQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
CVE-2008-3682 1 Ypninc 1 Php Realty 2026-04-23 N/A
SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter.
CVE-2007-6164 1 Eurologon 1 Eurologon Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Eurologon CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) reviews.php, (2) links.php and (3) articles.php.
CVE-2007-6373 1 Gestdown 1 Gestdown 2026-04-23 N/A
Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow remote attackers to execute arbitrary SQL commands via the (1) categorie parameter to catdownload.php, or the id parameter to (2) download.php or (3) hitcounter.php.
CVE-2008-6142 1 China-on-site 1 Flexphpic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
CVE-2007-6318 1 Wordpress 1 Wordpress 2026-04-23 N/A
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a "\" in a multibyte character.
CVE-2007-5233 1 Deonixscripts 1 Web Template Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.
CVE-2008-5864 2 Joomla, Joomlahbs 3 Joomla, Com Tophotelmodule, Hotel Booking Reservation System 2026-04-23 N/A
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
CVE-2008-3153 1 Tritoncms 1 Triton Cms Pro 2026-04-23 N/A
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2008-3674 1 Pozscripts 1 Tubeguru Video Sharing Script 2026-04-23 N/A
SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter.
CVE-2008-3306 1 Youtube Blog 1 Youtube Blog 2026-04-23 N/A
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4700 1 Liberiacms 1 Liberia Cms 2026-04-23 N/A
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
CVE-2008-3673 1 Pozscripts 1 Classified Ads 2026-04-23 N/A
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
CVE-2008-6950 1 Webhost-panel 1 Bankoi Webhosting Control Panel 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.
CVE-2008-3672 1 Pozscripts 1 Classified Ads 2026-04-23 N/A
SQL injection vulnerability in showcategory.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3673. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2632 1 Joomla 2 Com Acctexp, Joomla 2026-04-23 N/A
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.