Export limit exceeded: 366574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19841 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1039 1 Porar 1 Webboard 2026-04-23 N/A
SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter.
CVE-2008-5877 1 Phpclanwebsite 1 Phpclanwebsite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0444.
CVE-2008-1053 1 Phpnuke 1 Kose Yazilari Module 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.
CVE-2008-1065 1 Xoops 1 Xm Memberstats 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats (xmmemberstats) 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the (1) letter or (2) sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1077 1 Mamboportal.com 1 Simpleboard 2026-04-23 N/A
SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action.
CVE-2008-1094 1 Barracuda Networks 1 Barracuda Spam Firewall 2026-04-23 N/A
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter.
CVE-2008-1121 1 Eazyportal 1 Eazyportal 2026-04-23 N/A
SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the session_vars cookie.
CVE-2008-1122 1 Dream4 1 Koobi Pro 2026-04-23 N/A
SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0.
CVE-2008-1137 2 Joomla, Mambo 2 Com Garyscookbook, Com Garyscookbook 2026-04-23 N/A
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2008-1163 1 Phparcadescript 1 Phparcadescript 2026-04-23 N/A
SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action.
CVE-2008-1149 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.
CVE-2008-1162 1 Php Web Scripts 1 Dynamic Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter.
CVE-2008-1164 1 Phpcomasy 1 Phpcomasy 2026-04-23 N/A
SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action.
CVE-2008-1177 1 Affiliate Market 1 Affiliate Market 2026-04-23 N/A
SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1219 1 Phpnuke 1 Kutubisitte Component 2026-04-23 N/A
SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the kid parameter in a hadisgoster action to modules.php.
CVE-2008-1220 1 Phpnuke 1 4nchat 2026-04-23 N/A
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1272 1 Bmscripts 1 Bm Classifieds 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php.
CVE-2008-1308 2 Phpnuke, Sudirman Angriawan 2 Php-nuke, Nukec30 2026-04-23 N/A
SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action to modules.php.
CVE-2008-1838 1 Bosdev 1 Bosclassifieds Ads Systems 2026-04-23 N/A
SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php.
CVE-2008-1840 1 Coppermine 1 Coppermine Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.