Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6216 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2026-04-23 | N/A |
| SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to execute arbitrary SQL commands via the OfertaID parameter. | ||||
| CVE-2008-2972 | 1 Kblance | 1 Kblance | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action. | ||||
| CVE-2008-6254 | 1 Jadu | 1 Jadu Galaxies | 2026-04-23 | N/A |
| SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter. | ||||
| CVE-2008-4173 | 1 Proarcadescript | 1 Proarcadescript | 2026-04-23 | N/A |
| SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI. | ||||
| CVE-2008-6255 | 1 Vbulletin | 1 Vbulletin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. | ||||
| CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-4148 | 1 Drupal | 1 Mailhandler | 2026-04-23 | N/A |
| SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API. | ||||
| CVE-2008-4175 | 1 Linkbidscript | 1 Linkbidscript | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php. | ||||
| CVE-2008-6214 | 1 Harlandscripts | 1 Pro Traffic One | 2026-04-23 | N/A |
| SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6213 | 1 Harlandscripts | 1 Pro Traffic One | 2026-04-23 | N/A |
| SQL injection vulnerability in mypage.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the trg parameter. | ||||
| CVE-2008-4145 | 1 Addalink | 1 Addalink | 2026-04-23 | N/A |
| SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-6210 | 1 Dream4 | 1 Koobi | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page. | ||||
| CVE-2008-3310 | 1 Preproject | 1 Pre Survey Poll | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2008-6209 | 1 Vastal | 1 Software Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2008-4144 | 1 Discountedscripts | 1 E-gold Script Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ACG-ScriptShop E-Gold Script Shop allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action. | ||||
| CVE-2008-6204 | 1 Supernet | 1 Supernet Shop | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp. | ||||
| CVE-2008-6851 | 1 Php Link Directory | 1 Php Link Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||
| CVE-2008-2983 | 1 Cwh Underground | 1 Demo4 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2755 | 1 Jamm-media | 1 Jamm Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in JAMM CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2964 | 1 Researchguide | 1 Researchguide | 2026-04-23 | N/A |
| SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||