Export limit exceeded: 19840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19840 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5727 1 Netcat 1 Netcat 2026-04-23 N/A
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string.
CVE-2008-5333 1 Nitrotech 1 Nitrotech 2026-04-23 N/A
SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1247 1 Acutecp.rediscussed 1 Acutecp 2026-04-23 N/A
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-5335 1 Php-fusion 1 Php-fusion 2026-04-23 N/A
SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, CVE-2005-3158, CVE-2005-3159, CVE-2005-4005, and CVE-2006-2459.
CVE-2008-5337 1 Multimania 2 Bandsite Portal System, Bandwebsite 2026-04-23 N/A
SQL injection vulnerability in lyrics.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4431 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2009-0405 1 Smartsitecms 1 Smartsitecms 2026-04-23 N/A
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter.
CVE-2009-0403 1 Chipmunk Scripts 1 Chipmunk Blogger 2026-04-23 N/A
SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2009-0402 1 Gplhost 1 Domain Technologie Control 2026-04-23 N/A
SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters.
CVE-2009-0401 1 Ephpscripts 1 E-php Cms 2026-04-23 N/A
SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-0400 1 Socialengine 1 Socialengine 2026-04-23 N/A
SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2009-0394 1 Ple Cms 1 Ple Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.
CVE-2009-2179 1 W2b 1 Phpdatingclub 2026-04-23 N/A
SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter.
CVE-2009-0327 1 Seraphimtech 1 Free Bible Search Php Script 2026-04-23 N/A
SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter.
CVE-2009-0750 2 Tombstone, Txtsql 2 Smnews, Txtsql 2026-04-23 N/A
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-2209 1 Rs-cms 1 Rs-cms 2026-04-23 N/A
SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2008-4701 1 Liberiacms 1 Liberia Cms 2026-04-23 N/A
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5242 1 Etomite 1 Etomite 2026-04-23 N/A
SQL injection vulnerability in Etomite Content Management System (CMS) before 0.6.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4703 1 Bosdev 1 Bosnews 2026-04-23 N/A
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter.
CVE-2008-5434 1 Punbb 1 Punbb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.