Export limit exceeded: 366303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19830 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4433 2 Rmsoft, Xoops 2 Minishop Module, Xoops 2026-04-23 N/A
SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter.
CVE-2009-4401 2 Fr.simon Rundell, Typo3 2 Ste Parish Admin, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4460 1 Vastal I-tech 1 Mmorpg Zone 2026-04-23 N/A
SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter.
CVE-2009-4423 1 Weentech 1 Weencompany 2026-04-23 N/A
SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-1163 1 Phparcadescript 1 Phparcadescript 2026-04-23 N/A
SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action.
CVE-2007-4837 1 Proxy Anket 1 Proxy Anket 2026-04-23 N/A
SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4430 1 Virtuemart 1 Virtuemart 2026-04-23 N/A
SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a shop.product_details shop.flypage action.
CVE-2009-4432 1 Codemight 1 Videocms 2026-04-23 N/A
SQL injection vulnerability in index.php in CodeMight VideoCMS 3.1 allows remote attackers to execute arbitrary SQL commands via the v parameter in a video action.
CVE-2008-4458 1 E-php Scripts 1 B2b Trading Marketplace Script 2026-04-23 N/A
SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.
CVE-2008-6890 1 Codetoad 1 Asp Forum Script 2026-04-23 N/A
SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter.
CVE-2008-4459 1 Extrovert Software 1 Thyme 2026-04-23 N/A
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-1313 1 Bill Roberts 1 Bloo 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors.
CVE-2009-3510 1 Dataspheric 1 Linkspheric 2026-04-23 N/A
SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter.
CVE-2008-4344 1 6rbscript 1 6rbscript 2026-04-23 N/A
SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
CVE-2009-3505 1 Vastal 1 Mmorpg Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already covered by CVE-2008-4460.
CVE-2009-3504 1 Alibabaclone 1 Alibaba Clone 2026-04-23 N/A
SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4338 1 Vacilanda 1 Brilliant Gallery 2026-04-23 N/A
SQL injection vulnerability in the brilliant_gallery_checklist_save function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliant_gallery" permissions to execute arbitrary SQL commands via the (1) nid, (2) qid, (3) state, and possibly (4) user parameters.
CVE-2009-3503 1 Bpowerhouse 1 Bpholidaylettings 2026-04-23 N/A
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
CVE-2008-1137 2 Joomla, Mambo 2 Com Garyscookbook, Com Garyscookbook 2026-04-23 N/A
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2009-3502 1 Bpowerhouse 1 Bpmusic 2026-04-23 N/A
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter.