Export limit exceeded: 366361 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2234 | 1 Vicidial | 1 Call Center Suite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call Center Suite 2.0.5-173 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter ($PHP_AUTH_USER) and (2) Password parameter ($PHP_AUTH_PW). | ||||
| CVE-2009-2232 | 1 Softbizscripts | 1 Banner Ad Management Script | 2026-04-23 | N/A |
| SQL injection vulnerability in image.php in Softbiz Banner Ad Management Script allows remote attackers to execute arbitrary SQL commands via the size_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2230 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter. | ||||
| CVE-2009-2209 | 1 Rs-cms | 1 Rs-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2003-1573 | 1 Sun | 1 J2ee | 2026-04-23 | N/A |
| The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages." | ||||
| CVE-2009-1662 | 1 Recipescript | 1 Recipe Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php. | ||||
| CVE-2008-0327 | 1 Fascript | 1 Famp3 | 2026-04-23 | N/A |
| SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-23 | 9.8 Critical |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5606 | 1 Bytesfall Explorer | 1 Bytesfall Explorer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors. | ||||
| CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | ||||
| CVE-2006-6349 | 1 Pwp Technologies | 1 The Classified Ad System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the search engine. | ||||
| CVE-2006-6367 | 1 Duware | 3 Dudownload, Dunews, Dupaypal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976. | ||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2026-04-23 | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | ||||
| CVE-2006-6747 | 1 Dreaxteam | 1 Xt-news | 2026-04-23 | N/A |
| SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | ||||
| CVE-2006-6848 | 1 Aspticker | 1 Aspticker | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter. | ||||
| CVE-2006-6880 | 1 Php-update | 1 Php-update | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter. | ||||
| CVE-2006-6912 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-23 | N/A |
| SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter. | ||||
| CVE-2007-0350 | 1 Sme | 1 Filemailer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already covered by CVE-2007-0346. | ||||
| CVE-2007-1026 | 1 Scriptdungeon | 1 Xlatunes | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1034 | 1 Php-nuke | 1 Emporium Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||