Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0256 | 1 Matteo Binda | 1 Asp Photo Gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. | ||||
| CVE-2009-2599 | 1 Radscripts | 1 Radclassifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action. | ||||
| CVE-2008-0099 | 1 Myphp Forum | 1 Myphp Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. | ||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2026-04-23 | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2008-5975 | 1 Activewebsoftwares | 1 Active Price Comparison | 2026-04-23 | N/A |
| SQL injection vulnerability in links.asp in Active Price Comparison 4.0 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5215 | 1 Clanlite | 1 Clanlite | 2026-04-23 | N/A |
| SQL injection vulnerability in service/profil.php in ClanLite 2.2006.05.20 allows remote attackers to execute arbitrary SQL commands via the link parameter. | ||||
| CVE-2009-0400 | 1 Socialengine | 1 Socialengine | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2009-0394 | 1 Ple Cms | 1 Ple Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter. | ||||
| CVE-2008-0942 | 1 Aeries | 1 Aeries Student Information System | 2026-04-23 | N/A |
| SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter. | ||||
| CVE-2009-3205 | 1 Cbauthority | 1 Cbauthority | 2026-04-23 | N/A |
| SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | ||||
| CVE-2009-4624 | 1 Nicecoder | 1 Idesk | 2026-04-23 | N/A |
| SQL injection vulnerability in download.php in Nicecoder iDesk allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2005-3843. | ||||
| CVE-2009-4392 | 1 Typo3 | 2 Typo3, Xds Staff | 2026-04-23 | N/A |
| SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-3499 | 1 Bpowerhouse | 1 Bplawyercasedocuments | 2026-04-23 | N/A |
| SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-6517 | 1 Aeries | 1 Aeries Browser Interface | 2026-04-23 | N/A |
| SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4393 | 2 Daniel Ptzinger, Typo3 | 2 Danp Documentdirs, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2010-0322 | 2 Matthias Karr, Typo3 | 2 Mk Anydropdownmenu, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2026-04-23 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | ||||
| CVE-2009-2098 | 1 Micheal Glazer | 1 Phportal | 2026-04-23 | N/A |
| SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||