Export limit exceeded: 19830 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19830 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3025 1 Plx Web Studio 1 Plx Ad Trader 2026-04-23 N/A
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
CVE-2008-5726 1 Stormboards Aaronnemisis 1 Stormboards 2026-04-23 N/A
SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3038 1 Typo3 1 Address Directory 2026-04-23 N/A
SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2901 1 Haudenschilt 1 Family Connections Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.
CVE-2008-3039 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2902 1 Alstrasoft 1 Askme Pro 2026-04-23 N/A
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
CVE-2008-4074 1 Zanfi Solutions 1 Autodealers Cms Autonline 2026-04-23 N/A
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-3044 1 Typo3 1 News Calendar Extension 2026-04-23 N/A
SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3055 1 Typo3 1 Support View Extension 2026-04-23 N/A
SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3089 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2008-5767 1 Gazatem 1 Gnews Publisher 2026-04-23 N/A
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
CVE-2008-5802 1 E-topbiz 1 Online Store 2026-04-23 N/A
SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-5806 1 Deltascripts 1 Php Classifieds 2026-04-23 N/A
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.
CVE-2008-5213 1 Aj Square 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action.
CVE-2008-3151 2 Phpnuke, Warpspeed 2 4ndvddb, 4ndvddb 2026-04-23 N/A
SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.
CVE-2008-3154 1 Webblizzard 1 Content Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-5648 1 Deltascripts 1 Php Shop 2026-04-23 N/A
SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-3189 1 Dreamlevels 1 Dreamnews Manager 2026-04-23 N/A
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5841 1 Igamingcms 1 Igaming Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
CVE-2008-3191 1 Marcioforum 1 Mforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.