Search Results (19812 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6128 1 Flor De Utopia 1 Workingonweb 2026-04-23 N/A
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter.
CVE-2009-1480 1 Pragyan Cms Project 1 Pragyan Cms 2026-04-23 N/A
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
CVE-2009-0883 1 Amunak 1 Blue Eye Cms 2026-04-23 N/A
SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter.
CVE-2008-2394 1 Tagworx 1 Tagworx Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
CVE-2009-0881 1 Josema Enzo 1 Isiajax 2026-04-23 N/A
SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2393 1 Entertainmentscript 1 Entertainmentscript 2026-04-23 N/A
SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0882 1 Roman Bogorodskiy 1 Nforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
CVE-2007-5061 1 Clansphere 1 Clansphere 2026-04-23 N/A
SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action.
CVE-2009-0851 1 Stewart Howe 1 Celerbb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
CVE-2008-2384 3 Apache, Joey Schulze, Redhat 3 Http Server, Mod Auth Mysql, Enterprise Linux 2026-04-23 N/A
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
CVE-2008-2457 1 Bitmixsoft 1 Php-jokesite 2026-04-23 N/A
SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-1699 1 Desiquintans 1 Writers Block Cms 2026-04-23 N/A
SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter.
CVE-2008-4074 1 Zanfi Solutions 1 Autodealers Cms Autonline 2026-04-23 N/A
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-2380 1 Courier-mta 1 Courtier-authlib 2026-04-23 N/A
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
CVE-2009-0831 1 Php-fusion 2 Members Cv Module, Php-fusion 2026-04-23 N/A
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
CVE-2009-0829 1 Andrew Freed 1 Quotebook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2381 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
CVE-2009-0825 1 Torben Sorensen 1 Tinx\/cms 2026-04-23 N/A
SQL injection vulnerability in system/rss.php in TinX/cms 3.x before 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-5068 1 Phpfullannu 1 Phpfullannu 2026-04-23 N/A
SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
CVE-2009-0810 1 Xatrix 1 Xguestbook 2026-04-23 N/A
SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter.