Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4666 | 1 Deeserver | 1 Ultimate Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter. | ||||
| CVE-2008-4665 | 1 Datingpro | 1 Matchmaking | 2026-04-23 | N/A |
| SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php. | ||||
| CVE-2008-4660 | 1 Typo3 | 2 M1 Intern, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4659 | 1 Typo3 | 2 Mannschaftsliste, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-5738 | 1 Punbb | 1 Punbb | 2026-04-23 | 7.2 High |
| Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-5829 | 1 Aiocp | 1 Aiocp | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) choosed_language parameter to (a) cp_dpage.php, (b) cp_news.php, (c) cp_forum_view.php, (d) cp_edit_user.php, (e) cp_newsletter.php, (f) cp_links.php, (g) cp_contact_us.php, (h) cp_login.php, and (i) cp_codice_fiscale.php in public/code/; (2) news_category parameter to public/code/cp_news.php; (3) nlmsg_nlcatid parameter to public/code/cp_newsletter.php; (4) links_category parameter to public/code/cp_links.php; (5) product_category_id parameter to public/code/cp_show_ec_products.php; (6) order_field parameter to public/code/cp_show_ec_products.php; (7) firstrow parameter to public/code/cp_users_online.php; and (8) orderdir parameter to public/code/cp_links_search.php. | ||||
| CVE-2008-4658 | 1 Typo3 | 2 Jobcontrol, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-5957 | 1 Infinicart | 1 Infinicart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in INFINICART allow remote attackers to execute arbitrary SQL commands via the (1) groupid parameter in (a) browse_group.asp, (2) productid parameter in (b) added_to_cart.asp, and (3) catid and (4) subid parameter in (c) browsesubcat.asp. NOTE: the vendor has disputed this report, saying "The vulnerabilities mentioned were never present in our official released products but only in the unofficial demo version. However we do appreciate the information. We have update our demo version and made sure all those vulnerabilities are fixed. | ||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2026-04-23 | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | ||||
| CVE-2006-6747 | 1 Dreaxteam | 1 Xt-news | 2026-04-23 | N/A |
| SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | ||||
| CVE-2007-0196 | 1 Motionborg | 1 Motionborg Web Real Estate | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtained from third party information. | ||||
| CVE-2007-0875 | 1 Mcrefer | 1 Mcrefer | 2026-04-23 | N/A |
| SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database | ||||
| CVE-2007-0984 | 1 Aspcode.net | 1 Pollmentor | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp. | ||||
| CVE-2007-0985 | 1 Phpcc | 1 Phpcc | 2026-04-23 | N/A |
| SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earlier allows remote attackers to execute arbitrary SQL commands via the npid parameter in a sign_gb action. | ||||
| CVE-2008-4657 | 1 Typo3 | 2 Econda Plugin, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4656 | 1 Typo3 | 2 Frontend Users View, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4655 | 1 Typo3 | 2 Simplesurvey, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-1026 | 1 Scriptdungeon | 1 Xlatunes | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1034 | 1 Php-nuke | 1 Emporium Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2007-1776 | 1 Design For Joomla | 1 D4j Ezine | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action. | ||||