Search Results (19851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6794 1 Sfs Ez Pub 1 Fsf Ex Pub 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-0735 1 Auracms 1 Auracms 2026-04-23 N/A
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
CVE-2008-6796 1 Preprojects 1 Pre Real Estate Listings 2026-04-23 N/A
SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).
CVE-2008-5165 1 Eticket 1 Eticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php.
CVE-2007-5084 1 Broadcom 1 Brightstor Hierarchical Storage Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.
CVE-2008-5163 1 Theratstudios 1 The Rat Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php.
CVE-2008-6805 1 Micgr 1 Mic Blog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php.
CVE-2008-5132 1 Memht 1 Memht Portal 2026-04-23 N/A
SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2008-6809 1 Bookingcentre 1 Booking System For Hotels Group 2026-04-23 N/A
SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allows remote attackers to execute arbitrary SQL commands via the HotelID parameter.
CVE-2008-0744 1 Preprojects.com 1 Pre Hotels \& Resorts Management System 2026-04-23 N/A
SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management System allows remote attackers to execute arbitrary SQL commands via the login page.
CVE-2008-6812 1 Surat Kabar 1 Phpwebnews 2026-04-23 N/A
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
CVE-2007-5061 1 Clansphere 1 Clansphere 2026-04-23 N/A
SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action.
CVE-2008-5131 1 Develop It Easy 1 News And Article System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
CVE-2008-6851 1 Php Link Directory 1 Php Link Directory 2026-04-23 N/A
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-6852 2 Joomla, Markus Donhauser 2 Joomla\!, Ice Gallery Component For Joomla 2026-04-23 N/A
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-0754 1 Joomla 1 Com Rapidrecipe 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action.
CVE-2008-6865 2 Php-nuke, Phpnuke 2 Sections Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
CVE-2008-0753 1 Vwar 1 Virtual War 2026-04-23 N/A
SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter.
CVE-2008-6867 1 Scripts For Sites 1 Ez Career 2026-04-23 N/A
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2007-5068 1 Phpfullannu 1 Phpfullannu 2026-04-23 N/A
SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter.