Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2700 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6086 | 1 Camera Life | 1 Camera Life | 2026-04-23 | N/A |
| SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | ||||
| CVE-2008-0173 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports. | ||||
| CVE-2008-2633 | 1 Joomla | 2 Com Joomradio, Joomla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php. | ||||
| CVE-2008-6309 | 1 W3matter | 1 Askpert | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4623 | 2 Joomla, Martin Diphoorn | 2 Joomla, Com Ds-syndicate | 2026-04-23 | N/A |
| SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php. | ||||
| CVE-2008-3598 | 1 Psi-labs | 1 Psipuss | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php. | ||||
| CVE-2008-4625 | 2 Shiftthis, Wordpress | 2 Shifthis Newsletter, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683. | ||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1874 | 1 Xpoze | 1 Xpoze Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter. | ||||
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4659 | 1 Typo3 | 2 Mannschaftsliste, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-4650 | 1 Mywebland | 1 Myevent | 2026-04-23 | N/A |
| SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter. | ||||
| CVE-2007-5508 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. NOTE: remote unauthenticated attack vectors exist when CTXSYS is used with oracle Application Server. | ||||
| CVE-2008-4647 | 1 Sweetcms | 1 Sweetcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-6093 | 1 Noname-cms | 1 Noname Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action. | ||||
| CVE-2010-0341 | 1 Typo3 | 2 Bb Simplejobs, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-4892 | 1 Swsoft | 1 Plesk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3. | ||||
| CVE-2008-0943 | 1 Aeries | 1 Aeries Student Information System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. | ||||
| CVE-2008-4531 | 1 Drupal | 1 Brilliant Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338. | ||||