Search Results (19840 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6349 1 Turnkeyforms 1 Business Survey Pro 2026-04-23 N/A
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6353 1 Asp-cms 1 Asp-cms 2026-04-23 N/A
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter.
CVE-2008-6358 1 Socialgroupie 1 Social Groupie 2026-04-23 N/A
SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6980 1 Phpadultsite 1 Phpadultsite Cms 2026-04-23 N/A
SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-0446 1 Julian Pawlowski 1 Lulieblog 2026-04-23 N/A
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4613 1 Portalapp 1 Portalapp 2026-04-23 N/A
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-6289 1 Toursmanager 1 Tours Manager 2026-04-23 N/A
SQL injection vulnerability in cityview.php in Tours Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the cityid parameter.
CVE-2008-6383 1 Drupal 2 Drupal, Storm 2026-04-23 N/A
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-2034 1 Ricardo Alexandre De Oliveira Staudt 1 Yogurt 2026-04-23 N/A
SQL injection vulnerability in writemessage.php in Yogurt 0.3, when register_globals is enabled, allows remote authenticated users to execute arbitrary SQL commands via the original parameter.
CVE-2008-6372 1 Ocean12tech 1 Faq Manager Pro 2026-04-23 N/A
SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information.
CVE-2008-6368 1 Chipmunk Scripts 1 Chipmunk Guestbook 2026-04-23 N/A
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2008-6371 1 Ocean12tech 1 Membership Manager Pro 2026-04-23 N/A
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter).
CVE-2007-2803 1 Vizayn Urun 1 Tanitim Sitesi 2026-04-23 N/A
SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action.
CVE-2008-6282 1 Ortus.nirn 1 Cms Ortus 2026-04-23 N/A
SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS Ortus 1.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the city parameter in a users_edit_pub action to index.php.
CVE-2008-6378 1 Mxmania 1 Calendar Mx Professional 2026-04-23 N/A
SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-6379 1 Mxmania 1 Gallery Mx 2026-04-23 N/A
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-4531 1 Drupal 1 Brilliant Gallery 2026-04-23 N/A
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.
CVE-2008-3673 1 Pozscripts 1 Classified Ads 2026-04-23 N/A
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
CVE-2008-6381 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3026 1 Oneclick Cms 1 Oneclick Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.