Export limit exceeded: 19811 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19811 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0607 3 Joomla, Mambo, Sigsiu.net 3 Com Sobi2, Com Sobi2, Sobi2 2026-04-23 N/A
SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3718 1 Davethewebguy 1 Battle Blog 2026-04-23 N/A
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter.
CVE-2007-5986 1 Btiteam 1 Btitracker 2026-04-23 N/A
SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-5991 1 Exo 1 Exophpdesk 2026-04-23 N/A
SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action.
CVE-2009-3712 1 Ebayclonescript 1 Ebay Clone 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php.
CVE-2008-3724 1 Papoo 1 Papoo 2026-04-23 N/A
SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter.
CVE-2007-5996 1 Softbizscripts 1 Link Directory Script 2026-04-23 N/A
SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449.
CVE-2008-5640 1 Activewebsoftwares 1 Active Bids 2026-04-23 N/A
SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2007-6491 1 Kvaliitti 1 Webdoc Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp.
CVE-2009-3054 2 Artetics, Joomla 2 Com Artportal, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
CVE-2009-3042 1 Ocsinventory-ng 1 Ocs Inventory Ng 2026-04-23 N/A
SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.
CVE-2008-5000 1 Phpx 1 Phpx 2026-04-23 N/A
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
CVE-2008-1094 1 Barracuda Networks 1 Barracuda Spam Firewall 2026-04-23 N/A
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter.
CVE-2009-2915 1 2fly 1 Gift Delivery System 2026-04-23 N/A
SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action.
CVE-2008-5491 1 Slimcms 1 Slimcms 2026-04-23 N/A
SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter.
CVE-2008-0683 1 Wordpress 1 St Newsletter Plugin 2026-04-23 N/A
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
CVE-2008-0686 2 Joomla, Mambo 2 Com Neoreferences, Com Neoreferences 2026-04-23 N/A
SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-5490 1 Phpstore 1 Yahoo Answers 2026-04-23 N/A
SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5489 1 Clip-share 1 Clipshare 2026-04-23 N/A
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.
CVE-2007-6556 1 Websihirbazi 1 Websihirbazi 2026-04-23 N/A
Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.