Export limit exceeded: 366485 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0279 1 Xforum 1 Xforum 2026-04-23 N/A
SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected.
CVE-2008-0278 1 X7 Group 1 X7 Chat 2026-04-23 N/A
SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action.
CVE-2008-0270 1 Taskfreak 1 Taskfreak 2026-04-23 N/A
SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter.
CVE-2008-0267 1 Eticket 1 Eticket 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
CVE-2008-0262 1 Agares Media 1 Phpautovideo 2026-04-23 N/A
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
CVE-2008-0256 1 Matteo Binda 1 Asp Photo Gallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.
CVE-2008-0255 1 Igamingcms 1 Igaming Cms 2026-04-23 N/A
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2008-0254 1 Wavelink Media 1 Tutorialcms 2026-04-23 N/A
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.
CVE-2008-0232 1 Zero Cms 1 Zero Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php.
CVE-2008-0224 1 Runcms 1 Runcms 2026-04-23 N/A
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter.
CVE-2008-0253 1 Binn 1 Sbuilder 2026-04-23 N/A
SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.
CVE-2008-0219 1 Php Webquest 1 Php Webquest 2026-04-23 N/A
SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920.
CVE-2008-0187 1 Spacial Audio Solutions 1 Samphpweb 2026-04-23 N/A
SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the songid parameter.
CVE-2008-0185 1 Netrisk 1 Netrisk 2026-04-23 N/A
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php).
CVE-2008-0173 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
CVE-2008-0159 1 Eggblog 1 Eggblog 2026-04-23 N/A
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
CVE-2008-0157 1 Flexbb 1 Flexbb 2026-04-23 N/A
SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie.
CVE-2008-0154 1 Evilboard 1 Evilboard 2026-04-23 N/A
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter.
CVE-2008-0147 1 Smallnuke 1 Smallnuke 2026-04-23 N/A
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action.
CVE-2008-0144 1 Phprisk 1 Netrisk 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.