Search Results (19816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2897 1 Pagesquid 1 Pagesquid Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-0520 1 Wordpress 1 Wassup Plugin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
CVE-2008-3489 1 Phpx 1 Phpx 2026-04-23 N/A
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie.
CVE-2008-1305 2 Chieminger, Phpbb 2 Filebase Module, Phpbb 2026-04-23 N/A
SQL injection vulnerability in filebase.php in the Filebase mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6575 1 Brand039 1 Mmslamp 2026-04-23 N/A
SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.
CVE-2008-6642 1 Dotcontent 1 Fluentcms 2026-04-23 N/A
SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-6576 1 Adultscript 1 Adultscript 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
CVE-2008-4054 1 Kolifa 1 Download Script 2026-04-23 N/A
SQL injection vulnerability in indir.php in Kolifa.net Download Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-3975 1 Moagallery 1 Moa 2026-04-23 N/A
SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and 1.2.0 allows remote attackers to execute arbitrary SQL commands via the gallery_id parameter in a gallery_view action.
CVE-2008-5779 1 Flds Script 1 Flds 2026-04-23 N/A
SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4150 1 Dieselscripts 1 Diesel Joke Site 2026-04-23 N/A
SQL injection vulnerability in picture_category.php in Diesel Joke Site allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3763.
CVE-2009-3968 1 Itechscripts 1 Itechbids 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238.
CVE-2007-6566 1 Xzero Scripts 1 Xzero Community Classifieds 2026-04-23 N/A
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
CVE-2008-2906 1 Webchamado 1 Webchamado 2026-04-23 N/A
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.
CVE-2008-2065 1 Yourfreeworld 1 Jokes Site Script 2026-04-23 N/A
SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter.
CVE-2008-5768 2 Sirium, Xoops 2 Am Events Module, Xoops 2026-04-23 N/A
SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2451 1 Mim.infinix 1 Infinix 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.
CVE-2007-6559 1 Logaholic 1 Logaholic 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.
CVE-2007-6577 1 Zsuite 1 Zblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.
CVE-2007-6565 1 Blakord 1 Blakord Portal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component.