Search Results (19863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3590 1 Egi Zaberl 1 E.z. Poll 2026-04-23 N/A
Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3588 1 Phsblog 1 Phsblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php.
CVE-2008-3586 1 Joomla 1 Com Ezstore 2026-04-23 N/A
SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2008-3585 1 Pozscripts 1 Greencart Php Shopping Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) product_desc.php and (2) store_info.php.
CVE-2008-3582 1 Keld 1 Php-mysql News Script 2026-04-23 N/A
SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-3580 1 Qsoft 1 K-links 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/.
CVE-2008-3297 1 Social Engine 1 Social Engine 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php.
CVE-2008-3291 1 Aprox 2 Aprox Cms Engine, Aproxengine 2026-04-23 N/A
SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3267 1 Mojoscripts 1 Mojojobs 2026-04-23 N/A
SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
CVE-2008-7038 2 Maxdev, Phpnuke 2 My Egallery, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
CVE-2008-3266 1 Softacid 1 Hotel Reservation System Multi 2026-04-23 N/A
SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2008-3265 1 Joomla 1 Com Dtregister 2026-04-23 N/A
SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.
CVE-2008-3258 1 Zoph 1 Zoph 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3256 1 Siteframe 2 Siteframe Beaumont, Siteframe Cms 2026-04-23 N/A
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3254 1 Precoc 1 Precms 2026-04-23 N/A
SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a UserProfil action.
CVE-2008-3251 1 Tpl Design 1 Tplsoccersite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the opp parameter to tampereunited/opponent.php; or the id parameter to (2) index.php, (3) player.php, (4) matchdetails.php, or (5) additionalpage.php in tampereunited/.
CVE-2008-3250 1 Arctictracker 1 Arctic Issue Tracker 2026-04-23 N/A
SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter.
CVE-2008-3245 1 Cable-modems 1 Phphoo3 2026-04-23 N/A
SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote attackers to execute arbitrary SQL commands via the viewCat parameter.
CVE-2008-3241 1 Ultrastats 1 Ultrastats 2026-04-23 N/A
SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3240 1 Alstrasoft 1 Affiliate Network Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.