Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6256 | 1 Vbulletin | 1 Vbulletin | 2026-04-23 | N/A |
| SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022. | ||||
| CVE-2009-2122 | 2 Paolo Palmonari, Wordpress | 2 Photoracer Plugin For Wordpress, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1961 | 1 Php Resource | 1 Voice Of Web Allmyguests | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action. | ||||
| CVE-2009-3495 | 1 Vastal | 1 Dvd Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the mag_id parameter, a different vector than CVE-2008-4465. | ||||
| CVE-2009-3480 | 2 Isygen, Joomla | 2 Icrm Basic, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the iCRM Basic (com_icrmbasic) component 1.4.2.31 for Joomla! allows remote attackers to execute arbitrary SQL commands via the p3 parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | ||||
| CVE-2009-0459 | 1 Wholehogsoftware | 1 Password Protect | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3674 | 1 Pozscripts | 1 Tubeguru Video Sharing Script | 2026-04-23 | N/A |
| SQL injection vulnerability in ugroups.php in PozScripts TubeGuru Video Sharing Script allows remote attackers to execute arbitrary SQL commands via the UID parameter. | ||||
| CVE-2009-3528 | 1 Al4us | 1 Mymsg | 2026-04-23 | N/A |
| SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action. | ||||
| CVE-2008-1872 | 1 Comdev | 1 Comdev News Publisher | 2026-04-23 | N/A |
| SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1864 | 1 Prozilla | 1 Prozilla Freelancers | 2026-04-23 | N/A |
| SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | ||||
| CVE-2008-3787 | 1 Nullscripts | 1 Web Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||
| CVE-2008-6887 | 1 Preprojects | 1 Pre Classified Listings | 2026-04-23 | N/A |
| SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | ||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | ||||
| CVE-2009-4436 | 1 Activewebsoftwares | 1 Ewebquiz | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706. | ||||
| CVE-2008-4605 | 1 Cafeengine | 1 Easycafeengine | 2026-04-23 | N/A |
| SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php. | ||||
| CVE-2009-4296 | 2 Brian Miller, Drupal | 2 Taxonomy Timer, Drupal | 2026-04-23 | N/A |
| SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2026-04-23 | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1347 | 1 Chcounter | 1 Chcounter | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field). | ||||
| CVE-2008-1726 | 1 Myknowledgequest | 1 Knowledgequest | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php. | ||||