Search Results (19808 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6140 1 Dora Emlak 1 Dora Emlak 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) emlak_detay.asp and (b) haber_detay.asp, the (2) kategori parameter to (c) kategorisirala.asp, and the (3) tip parameter to (d) tipsirala.asp.
CVE-2008-6007 1 Quidascript 1 Bookmarks Favourites Script 2026-04-23 N/A
SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2590 1 Resalecode 1 Hutscripts Php Website Script 2026-04-23 N/A
SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-0984 1 Aspcode.net 1 Pollmentor 2026-04-23 N/A
SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp.
CVE-2008-5970 1 I-netsolution 1 Orkut Clone 2026-04-23 N/A
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2009-4564 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/.
CVE-2008-2688 1 Pilotcart 1 Pilot Cart 2026-04-23 N/A
SQL injection vulnerability in pilot.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the article parameter in a kb action.
CVE-2008-6028 1 University Of Queensland 1 Fez 2026-04-23 N/A
SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action.
CVE-2008-3582 1 Keld 1 Php-mysql News Script 2026-04-23 N/A
SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-5998 1 Drupal 2 Ajax Checklist, Drupal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, related to the (1) nid, (2) qid, and (3) state parameters.
CVE-2008-3585 1 Pozscripts 1 Greencart Php Shopping Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) product_desc.php and (2) store_info.php.
CVE-2008-3561 1 Powergap 1 Shopsystem 2026-04-23 N/A
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter.
CVE-2008-3387 1 Phpfootball 1 Phpfootball 2026-04-23 N/A
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter.
CVE-2008-6013 1 Openfreeway 1 Freeway 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.
CVE-2009-3336 1 Phpprobid 1 Php Pro Bid 2026-04-23 N/A
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter.
CVE-2009-3319 1 Dimofinf 1 Dawaween 2026-04-23 N/A
SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018.
CVE-2008-1164 1 Phpcomasy 1 Phpcomasy 2026-04-23 N/A
SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action.
CVE-2007-6127 1 Project Alumni 1 Project Alumni 2026-04-23 N/A
Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to news.page.inc.php, which is reachable through a news action to index.php.
CVE-2008-1921 1 5th Avenue Software 1 5th Avenue Shopping Cart 2026-04-23 N/A
SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter.
CVE-2008-2671 1 Dcfm Blog 1 Dcfm Blog 2026-04-23 N/A
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.