Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2010 | 1 Haudenschilt | 1 Family Connections Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter. | ||||
| CVE-2009-2008 | 1 Dokeos | 1 Dokeos | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector than CVE-2009-2006.2. | ||||
| CVE-2008-0137 | 1 Snetworks | 1 Php Classifieds | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | ||||
| CVE-2009-1508 | 1 Keir Davis | 1 X-forum | 2026-04-23 | N/A |
| SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php. | ||||
| CVE-2009-1506 | 1 Intelliants | 1 Elitius | 2026-04-23 | N/A |
| SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to banner-details.php. | ||||
| CVE-2008-0133 | 1 Thomas Perez | 1 Tribisur | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action. | ||||
| CVE-2009-1500 | 1 Projectcms | 1 Projectcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter. | ||||
| CVE-2009-1499 | 1 Joomla | 2 Com Mailto, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor. | ||||
| CVE-2009-1487 | 1 Rens Rikkerink | 1 Fungamez | 2026-04-23 | N/A |
| SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote attackers to execute arbitrary SQL commands via the login_user (aka username) parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0130 | 1 Instantsoftwares | 1 Dating Site | 2026-04-23 | N/A |
| SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7083 | 1 Revou | 1 Micro Blogging Twitter Clone | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | ||||
| CVE-2009-1481 | 1 Pjhome | 1 Puterjams Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2634 | 1 Bearrivernet.net | 1 I-pos Internet Pay Online Store | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter. | ||||
| CVE-2009-1480 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors. | ||||
| CVE-2009-1468 | 1 Icewarp | 2 Email Server, Webmail Server | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) order_by elements in an XML search query. | ||||
| CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2026-04-23 | N/A |
| SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | ||||
| CVE-2009-1433 | 1 Silverstripe | 1 Silverstripe | 2026-04-23 | N/A |
| SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter. | ||||
| CVE-2008-2632 | 1 Joomla | 2 Com Acctexp, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php. | ||||
| CVE-2009-1411 | 1 Neocrome | 1 Seditio | 2026-04-23 | N/A |
| SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php. | ||||
| CVE-2009-1410 | 1 Opensolution | 1 Quick.cms.lite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||