Export limit exceeded: 365171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0528 | 1 Rhadrix | 1 If-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0531 | 1 Ontarioabandonedplaces | 1 A Better Member-based Asp Photo Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery/view.asp in A Better Member-Based ASP Photo Gallery before 1.2 allows remote attackers to execute arbitrary SQL commands via the entry parameter. | ||||
| CVE-2009-1049 | 1 Kamads | 1 Bloginator | 2026-04-23 | N/A |
| SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1065 | 1 Getpixie | 1 Pixie Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1066 | 1 Getpixie | 1 Pixie Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request. | ||||
| CVE-2009-1208 | 2 Auth2db, Auth2dbauth2db | 2 Auth2db, 0.1.1 | 2026-04-23 | N/A |
| SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings. | ||||
| CVE-2009-1224 | 1 Scivox | 1 Vsp Stats Processor | 2026-04-23 | N/A |
| SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45 allows remote attackers to execute arbitrary SQL commands via the gameID parameter. | ||||
| CVE-2009-1229 | 1 Arcadwy | 1 Arcadwy Arcade Script | 2026-04-23 | N/A |
| SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter. | ||||
| CVE-2009-1245 | 1 Cccp-common-clan-portal-pasterbin | 1 Cccp Pastebin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1247 | 1 Acutecp.rediscussed | 1 Acutecp | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-1256 | 1 Flexcms | 1 Flexcms | 2026-04-23 | N/A |
| SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1258 | 2 Joomla, Rd-media | 2 Joomla, Com Rdautos | 2026-04-23 | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | ||||
| CVE-2009-1263 | 2 Alikonweb, Joomla | 2 Com Bookjoomlas, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | ||||
| CVE-2009-1277 | 1 Gravityboardx | 1 Gravity Board X | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. NOTE: the board_id issue is already covered by CVE-2008-2996.2. | ||||
| CVE-2009-1282 | 1 Glfusion | 1 Glfusion | 2026-04-23 | N/A |
| SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | ||||
| CVE-2009-1848 | 2 Joomla, Joomlame | 2 Joomla, Com Agoragroup | 2026-04-23 | N/A |
| SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php. | ||||
| CVE-2009-1842 | 1 Phpnuke | 1 Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | ||||
| CVE-2009-1843 | 1 Glenn Mcgurrin | 1 Flash Quiz | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question.php; and the (2) order_number parameter to (g) answers.php and (h) question.php. | ||||
| CVE-2009-1850 | 1 Benjamin Curtis | 1 Phpbugtracker | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||