Export limit exceeded: 18772 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18772 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1465 | 3 Detodas, Joomla, Mambo-foundation | 3 Com Restaurante, Joomla\!, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562. | ||||
| CVE-2008-1486 | 1 Phorum | 1 Phorum | 2025-04-09 | N/A |
| SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search. | ||||
| CVE-2008-1496 | 1 Peel | 1 Peel | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php. | ||||
| CVE-2008-1508 | 1 Efestech | 1 E-kontor | 2025-04-09 | N/A |
| SQL injection vulnerability in EfesTech E-Kontör and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1509 | 1 Xlportal | 1 Xlportal | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the query parameter. | ||||
| CVE-2008-1513 | 1 Danneo | 1 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | ||||
| CVE-2008-1535 | 1 Matti Kiviharju | 1 Rekry Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. | ||||
| CVE-2008-1539 | 1 Futurenuke | 1 Php Nuke Platinum | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | ||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2025-04-09 | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1549 | 1 Aeries | 1 Aeries Student Information System | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942. | ||||
| CVE-2008-1551 | 1 Runcms | 2 Photo Module, Runcms | 2025-04-09 | N/A |
| SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-1554 | 1 Topper | 1 Toppermod | 2025-04-09 | N/A |
| SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism. | ||||
| CVE-2008-1559 | 2 Bernard Gilly, Joomla | 2 Com Alphacontent, Joomla\! | 2025-04-09 | N/A |
| SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2025-04-09 | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | ||||
| CVE-2008-1607 | 1 Serby Arslanhan | 1 Bomba Haber | 2025-04-09 | N/A |
| SQL injection vulnerability in haberoku.php in Serbay Arslanhan Bomba Haber 2.0 allows remote attackers to execute arbitrary SQL commands via the haber parameter. | ||||
| CVE-2008-1608 | 1 Clever Copy | 1 Clever Copy | 2025-04-09 | N/A |
| SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter, a different vector than CVE-2008-0363 and CVE-2006-0583. | ||||
| CVE-2007-4762 | 1 E-smart Cart | 1 E-smart Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | ||||
| CVE-2008-1626 | 1 Eggblog | 1 Eggblog | 2025-04-09 | N/A |
| SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. NOTE: this might overlap CVE-2008-0159. | ||||
| CVE-2008-1631 | 1 Emedia Office Gmbh | 1 Cuteflow | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php. | ||||
| CVE-2008-1632 | 1 Emedia Office Gmbh | 1 Cuteflow | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) listid parameter to pages/editmailinglist_step1.php, the (2) userid parameter to pages/edituser.php, the (3) fieldid parameter to pages/editfield.php, and the (4) templateid to pages/edittemplate_step1.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||