Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3217 | 1 Wiccle | 1 Iwiccle | 2026-04-23 | N/A |
| SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | ||||
| CVE-2007-5973 | 1 Jportal | 1 Jportal Web Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-1819 | 1 2daybiz | 1 Custom T-shirt Design Script | 2026-04-23 | N/A |
| SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3337 | 1 S9y | 1 Serendipity Event Freetag | 2026-04-23 | N/A |
| SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | ||||
| CVE-2008-3090 | 1 Blognplus | 1 Blognplus | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819. | ||||
| CVE-2008-3943 | 1 Ezonescripts | 1 Living Local | 2026-04-23 | N/A |
| SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter. | ||||
| CVE-2008-6777 | 1 Myphp | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667. | ||||
| CVE-2007-5187 | 1 Php-fusion | 1 Expanded Calendar Module | 2026-04-23 | N/A |
| SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | ||||
| CVE-2009-2428 | 1 Tauschregal.de | 1 Tausch Ticket Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors. | ||||
| CVE-2009-2608 | 1 Chatelao | 1 Php Address Book | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565. | ||||
| CVE-2009-3185 | 1 Comsenz | 2 Crazy Star Plugin, Discuz\! | 2026-04-23 | N/A |
| SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | ||||
| CVE-2009-3203 | 1 Ajsquare | 1 Aj Auction Pro-oopd | 2026-04-23 | N/A |
| SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2605 | 1 Traidnt | 1 Traidnt Up | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php. | ||||
| CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2026-04-23 | N/A |
| SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||
| CVE-2008-2334 | 1 Aspindir | 1 Philboard | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2571 | 1 Xoops | 1 Wfquotes Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | ||||
| CVE-2008-1639 | 1 Neat Web | 1 Neat-web | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Neat weblog 0.2 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a show action, probably related to the showArticle function in lib/lib_article.include.php. | ||||
| CVE-2009-1066 | 1 Getpixie | 1 Pixie Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request. | ||||
| CVE-2008-3942 | 1 Ozsari | 1 Full Php Emlak Script | 2026-04-23 | N/A |
| SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||