Export limit exceeded: 14753 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19732 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19732 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | ||||
| CVE-2008-0447 | 1 Foojan | 1 Php Weblog | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 allows remote attackers to execute arbitrary SQL commands via the story parameter. | ||||
| CVE-2008-0446 | 1 Julian Pawlowski | 1 Lulieblog | 2026-04-23 | N/A |
| SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1398 | 1 Auracms | 1 Auracms | 2026-04-23 | N/A |
| SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header. | ||||
| CVE-2008-0147 | 1 Smallnuke | 1 Smallnuke | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action. | ||||
| CVE-2008-0873 | 1 Jlmzone | 1 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action. | ||||
| CVE-2008-0144 | 1 Phprisk | 1 Netrisk | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences. | ||||
| CVE-2008-5924 | 1 Asp-dev | 1 Xm Events Diary | 2026-04-23 | N/A |
| SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5104 | 1 Bcoos | 1 Bcoos | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0139 | 1 Loudblog | 1 Loudblog | 2026-04-23 | N/A |
| Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and earlier allows remote attackers to execute arbitrary PHP code via the template parameter. | ||||
| CVE-2009-0339 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action. | ||||
| CVE-2007-5068 | 1 Phpfullannu | 1 Phpfullannu | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | ||||
| CVE-2008-5921 | 1 Umerinc | 1 Songs Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0252 | 1 Enthrallweb | 1 Ereservations | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5061 | 1 Clansphere | 1 Clansphere | 2026-04-23 | N/A |
| SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action. | ||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2026-04-23 | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | ||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2008-2114 | 1 Preprojects | 1 Pre Shopping Mall | 2026-04-23 | N/A |
| SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-2113 | 1 Phpeasydata | 1 Phpeasydata | 2026-04-23 | N/A |
| SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2009-0284 | 1 Flaxweb | 1 Flax Article Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||