Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6389 | 1 Aliensoftcorp | 1 Rae Media Contact Management | 2026-04-23 | N/A |
| SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2915 | 1 2fly | 1 Gift Delivery System | 2026-04-23 | N/A |
| SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action. | ||||
| CVE-2009-4619 | 2 Joomla, Lucygames | 2 Joomla\!, Com Lucygames | 2026-04-23 | N/A |
| SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4551 | 1 Intesync | 1 Miniweb | 2026-04-23 | N/A |
| SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a results action to index.php. | ||||
| CVE-2007-4845 | 1 Rwscripts.com | 1 Rw Download Lite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter. | ||||
| CVE-2009-4424 | 2 Imotta, Wordpress | 2 Pyrmont Plugin, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2385 | 2 Fustrate, Simple Machines | 2 Member Awards, Smf | 2026-04-23 | N/A |
| SQL injection vulnerability in the awardsMembers function in Sources/Profile.php in the Member Awards component 1.0.2 for Simple Machines Forum (SMF) allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3772 | 1 Pars4u | 1 Videosharing | 2026-04-23 | N/A |
| SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2007-4846 | 1 Webace | 1 Webace-linkscript | 2026-04-23 | N/A |
| SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik go action. | ||||
| CVE-2009-4591 | 1 Secureideas | 1 Base | 2026-04-23 | N/A |
| SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2026-04-23 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2007-4881 | 1 Psi-labs | 1 Social Networking Script Psisns | 2026-04-23 | N/A |
| SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter. | ||||
| CVE-2008-4605 | 1 Cafeengine | 1 Easycafeengine | 2026-04-23 | N/A |
| SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php. | ||||
| CVE-2008-6250 | 1 Comdev | 1 Comdev Web Blogger | 2026-04-23 | N/A |
| SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. | ||||
| CVE-2009-2366 | 1 Datachecknh | 2 Forumpal, Forumpal Fe | 2026-04-23 | N/A |
| SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2388 | 1 Shalwan | 1 Opial | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1404 | 1 Exv2 | 1 Exv2 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2009-4401 | 2 Fr.simon Rundell, Typo3 | 2 Ste Parish Admin, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4414 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-23 | N/A |
| SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the passwd parameter to login.php. | ||||
| CVE-2009-4432 | 1 Codemight | 1 Videocms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action. | ||||