Export limit exceeded: 366429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2609 2 Amotools, Joomla 2 Com Amocourse, Joomla 2026-04-23 N/A
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
CVE-2009-2608 1 Chatelao 1 Php Address Book 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565.
CVE-2009-2599 1 Radscripts 1 Radclassifieds 2026-04-23 N/A
SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action.
CVE-2009-2585 1 Mlffat 1 Mlffat 2026-04-23 N/A
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
CVE-2009-1843 1 Glenn Mcgurrin 1 Flash Quiz 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question.php; and the (2) order_number parameter to (g) answers.php and (h) question.php.
CVE-2009-1500 1 Projectcms 1 Projectcms 2026-04-23 N/A
SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter.
CVE-2009-1499 1 Joomla 2 Com Mailto, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
CVE-2007-4207 1 Kerberosdev 1 Gallery In A Box 2026-04-23 N/A
SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters.
CVE-2008-2130 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2900 1 Phpauction 1 Phpauction 2026-04-23 N/A
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-4808 1 Tlm Cms 1 Tlm Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir action, (4) the ID parameter to affichage.php, (5) the id_sal parameter to mod_forum/afficher.php, or (6) the id_sujet parameter to mod_forum/messages.php. NOTE: it was later reported that goodies.php and affichage.php scripts are reachable through index.php, and 1.1 is also affected. NOTE: it was later reported that the goodies.php vector also affects 3.1.
CVE-2008-6721 1 Ajsquare 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field).
CVE-2009-0881 1 Josema Enzo 1 Isiajax 2026-04-23 N/A
SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0883 1 Amunak 1 Blue Eye Cms 2026-04-23 N/A
SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter.
CVE-2008-6887 1 Preprojects 1 Pre Classified Listings 2026-04-23 N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2008-6880 1 Easysitenetwork 1 Jokes Complete Website 2026-04-23 N/A
SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6875 1 Humayun Shabbir Bhutta 1 Asp Product Catalog 2026-04-23 N/A
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
CVE-2008-6853 1 Netcat 1 Netcat 2026-04-23 N/A
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
CVE-2008-6852 2 Joomla, Markus Donhauser 2 Joomla\!, Ice Gallery Component For Joomla 2026-04-23 N/A
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-6753 1 Silverstripe 1 Silverstripe 2026-04-23 N/A
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.